New or updated passwords must now meet these criteria:

- Minimum password length (characters): 8

- Contain characters from three of the following four categories:
* English uppercase characters (A through Z)
* English lowercase characters (a through z)
* Base 10 digits (0 through 9)
* Non-alphabetic characters (for example, !, $, #, %)

- The past three passwords cannot be reused.

- After 5 incorrect password attempts, the user account will be locked out for 15 minutes. After 11 incorrect password attempts, the user will be forced to reset the password.