These guidelines apply to both your Partner Manager account password and to merchant passwords. PayPal strongly recommends that you regularly change your passwords.
Follow these guidelines when creating a password:
The password must be 7 to 32 characters long.
The password is case-sensitive.
The password must contain a mix of letters, numbers, and/or special characters. Passwords containing only letters or only numbers are not accepted.
Single quotes, double quotes, ampersands ( ‘ " & ), and spaces are not allowed.
Successive passwords should not follow a pattern.
The password cannot be the same as the Login Name and should not contain any part of the merchant company name or User Login name.
Do not post or share the password or send the password to others by email.
Follow these security procedures when adding new merchant Payflow accounts.
Use a unique password for each merchant account. The passwords should not follow a pattern (for example, do not use a sequence like merchant1, merchant2, merchant3).
In a secure manner, provide the merchant with your Partner ID, their Merchant Login Name, and the password that you assigned to them. (This enables the merchant to access PayPal Manager.) Do not send the information by clear-text email.
Ensure that the merchant immediately accesses PayPal Manager to change the assigned password to a password of their choice.
Urge merchants to change their passwords regularly. The PayPal Manager password-update page provides guidance to merchants.