Don't tell your password to other people! Just don't do it!
Never, ever send a password by email!
- If an email which looks authentic asks you to log in on a website, it may still be fake. Check by asking the IT crew personally.
- If you enter a password, try keeping in mind if someone is watching you.
- A lot of damages can be done with the knowledge of your password. The argument 'I have nothing to hide' is useless if someone charges your bank account against your will.
- When chosing a password, keep a good balance between a password which you can remember easily, but others cannot guess easily: use upper case / lower case / digits / special characters. Approximately 10 characters long.
Don't write your password down.
- If you absolutely must write your password down, keep the note in a secure location where others cannot access it (e.g. your wallet or a safe). Never put the note somewhere visible.
Use password managment tools (like e.g. KeePassX).