We recommend that you use strong passwords whether or not your network, on-line service or application requires them.
Strong passwords are at least 10 characters that include at least one each of the following:
You should not use your user name as any part of your password. But there are tricks that can be used to make your password easy to remember. For example, some use a simple word or phrase, and replace vowels with symbols and numbers, e.g., S3cur!tyC0nsc!ous (where 0 is a numeric zero).
In many settings, space is valid password character, which allows you to use a phrase if you prefer. The longer your password, the more difficult you make it for brute force attempts to succeed.
For devices like mobile phones and tablets, avoid settling for the 4 digit numeric default password. Change your setting to allow longer alphanumeric values. Not convenient if you don't have a model that can unlock with a thumbprint recognizer, but essential if you keep sensitive data on your mobile device.
It's a nuisance but changing your passwords regularly is a good practice, as is using distinct passwords for each of your applications.