https://password.us/tags/standards/ Recent content in Standards on password.us - Your Guide to Password Security Hugo en-us Mon, 11 May 2026 00:00:00 +0000 https://password.us/guides/nist-password-guidelines/ Mon, 11 May 2026 00:00:00 +0000 https://password.us/guides/nist-password-guidelines/ <p>The National Institute of Standards and Technology (NIST) sets the password policies that US federal agencies must follow. Their guidelines (SP 800-63B) have rippled out to influence corporate policies worldwide.</p> <p>The most recent revision threw out decades of conventional wisdom.</p> <h2 id="what-nist-dropped">What NIST dropped</h2> <p><strong>Mandatory complexity rules.</strong> The old requirement to mix uppercase, lowercase, numbers, and special characters is gone. NIST found that these rules lead to predictable patterns (<code>Password1!</code>, <code>Summer2026$</code>) that are easy to guess.</p>