NIST's New Password Guidelines

America’s National Institute of Standards and Technology (NIST) have recently updated their guidelines on how to handle the most basic and ubiquitous method of authentication, the password. This is important because it sets expectations across the board as to what good password practice looks like. If I may be unfairly stereotypical, small websites often lack basic security measures like hashing their password database, while large companies enforce myriad arbitrary password rules that hinder more than they help.