All passwords in Windows and SQL Server must be hard to crack.
Suggestions for stronger passwords in Windows and SQL Server:
Do not use known words or user names in your password
Include special characters (!@#$%*) and numbers in your password
To really increase password strength, use a non-printable ASCII character. I.e. within the password, 'secret' embed an alt character secret where you hold down the ALT key while pressing the 1,2 and 9 keys on the numeric keypad.
For laptop users, you will have to activate NUMLOCK and use the j, k, l, u, i, o keys that correspond to the numeric keypad.
If you have an account called 'test' and it is an administrator level account, do not use the password 'test'.
For more details read: http://technet.microsoft.com/en-us/library/cc783860.aspx