Passwords must meet the following criteria:
- Password may not contain the user's account name.
- Password must be at least eight characters long.
- Password must contain characters from three of the following four categories:
- English uppercase characters (A-Z)
- English lowercase characters (a-z)
- Base 10 digits (0-9)
- Non-alphanumeric characters (For example, !, $, %, ^, &, etc.)
- Password may not be re-used for 12 months.
- Password must be changed every 90 days.