NEVER use passwords that are in the list below:
Make sure that you insist on the use of strong passwords across your environment – use passwords that are longer than 7 characters, combining uppercase and lowercase letters, symbols such as # or @ and numbers.
Look out for suspicious activity – check any unauthorised access to your systems, failed login attempts or out of hours activity. Limit the number of log-in attempts so that the system is locked down once the threshold has been reached. Remove user accounts that are no longer being used