Following are the ten points I used to go through and determine the password is strong enough.
1. The password does not contain a dictionary word (regular English dictionary words will be weak and can be revealed for dictionary attacks)
2. The password does not contain any personal information or identifying information
3. Having with regular password strengthening methods such as upper case and lower case characters, numbers, allowed special characters and minimum of 8 characters in length
4. Do not use character sequence or consecutive numbers, "abcd..", "1234.." "qwerty..." or even "uiop.."
5. Uniqueness, not used the same password elsewhere in the universe, by me or available online for illustrations.
6. Not created by a weak password generating software
7. Not copy and pasted using a computer clipboard. (text in the clip board is available to web browsers using basic java scripts)
8. Does not formed of a single word or regular phrase
9. Not made up of easy pass phrase such as "123456", "password" or "qwerty"
10. Do not repeat characters