You must choose a new password that is considerably different from the old one, and you must choose a password that is not easily guessable. Your password will be checked against a dictionnary before it is accepted by the system. Do not choose "Coldbeer" as a password.
Because the passwd program can be anal about poor passwords, picking a good one isn't always easy. A good way to generate a decent password is to think of a phrase that you'll likely remember and use the first letter of each word in that phrase as your password. For example: "To be or not to be" could be abbreviated as "2BoN2b".
Never share your password. It's against the user agreement for you to do it, despite the fact that it's a stupid thing to do. Don't set private files world readable. UNIX file permissions allow other people to read your files depending on how the permissions are set. If you are unsure about things like this, don't mess with the default permissions.
We don't allow FTP or telnet because both protocols allow for the transfer of your password in plain text. We don't allow plain IMAP or POP, but instead require SSL wrapped versions of both. We use SSL for our webmail system as well. You never need to send your password in plain text.
We make every effort to keep our systems as up to date as possible and we monitor security related mailing lists for that reason.
If you absolutely have to do this, you'll have to come to the office. Then
we'll nuke your old account and create a fresh one. All data on the old
(existing) account will be lost forever.