Say what?? Some special characters are better than others for passwords.

When an attacker gets a password hash, they need to pick which charset to use to crack it. Some people say there are only 4 categories: lower alpha, upper alpha, numbers, and special characters. However brute-force password crackers like Cain, and more advanced cracking tools like rainbowtables, distinguish between types of special characters. They ask if you’d only like to include the weaker special characters which are more commonly used: !@#$%^&*()-_+=

…or would you like to include the far less likely to be chosen set of extended special characters? ~’>{[\|/.:”;,]}<`? Since cracking tools distinguish between these sets, you should too, and you should use characters from all 5 groupings. Even a password like Abc123 is more secure as "A,b,c,1.2.3?" - and how much harder is that to remember? It's easier than you think to bulletproof your password against advanced cracking technologies. You could surround your password in "quotes", or with [square brackets]. You could make it something easily memorable like {$19.95!}Ca||-n0\/\/ or "C:\WinNT\$Y5T3M\" or `Ta~0!!' The possibilities are, of course, endless. But the key is to use all 5 sets. Set 1: ABCDEFGHIJKLMNOPQRSTUVWXYZ Set 2: abcdefghijklmnopqrstuvwxyz Set 3: 0123456789 Set 4: !@#$%^&*()-_+= Set 5: ~'>{[\|/.:”;,]}<`? To further throw attackers off the trail, you could refuse to use commonly used characters, such as !, 1, e, 3, E, o, O, 0, 5, S, s, and some others. Then every time a cracker tries a pw with those chars in it, they will fail every time, and you can take comfort in their wasted CPU cycles.