
A password is a string of characters (letters, numbers, and other symbols) used to authenticate an identity or to verify access authorization.
Early password advice from NIST in 2003 was to use 9-character, complex passwords (UPPERCASE, lowercase, special characters !@#$%, and numbers) and to be changed every 90 days. In 2017, NIST amended its advice because the consequences of their early advice was less secure than their new advice.
2017 NIST password Advice was to migrate companies to 14+ character passphrases that did not require complexity nor expire.
Related Terms: Password Manager, Passphrases
Source: FIPS 140-2