Making Passwords Random

In 2017 the US National Institute of Science and Technology (NIST) published a wonderful document entitled “Digital Identity Guidelines - Authentication and Lifecycle Management” containing detailed guidelines and recommendations for password use. In addition, it expressed useful opinions about the (bad!) password policies that many systems and organisations work with. It may be because of this that Microsoft adjusted some of their default password policies. NIST Special Publication SP800-63b is freely available, and periodically updated.