In order to ensure strong security on passwords for external users, a Cornell Secure File Transfer password must:

• be at least 7 characters long
• include at least 3 of the following 4 kinds of characters: lower case, upper case, numbers, special characters/symbols
• not be the email address, the sender's NetID, or any common dictionary word