I routinely work with people who argue that their 8 character passwords are secure because they force complexity requirements.  This simply isn’t true.   Picking a passphrase (or simply a much longer password is mathematically more secure.  Some smart person will point out that if I know all passwords consist of combinations of only dictionary […]