I routinely work with people who argue that their 8 character passwords are secure because they force complexity requirements. This simply isn’t true. Picking a passphrase (or simply a much longer password is mathematically more secure. Some smart person will point out that if I know all passwords consist of combinations of only dictionary […]