As a minimum, passwords you set for NHS England systems and tools must
have a level of complexity which ensures they cannot be easily guessed
by hackers or malicious software. They should:
- Be at least eight characters long
- Not contain your user name, real name, or organisation name
- Be significantly different from previous passwords
- Contain a mixture of characters
Passwords must not under any circumstances be shared with anyone.