On 6/24/19 5:45 PM, Jude DaShiell wrote:
The last standard the United States Navy used before it migrated to smartcards was 16 characters with at least two digits; at least two upper-case, at least two lower-case, and at least two special characters. A slight improvement on that would have been to insure the pass phrase started and ended with a letter.
Unrelated to the topic at hand, these password recommendations have been outdated for about a decade.
Additionally, that 'slight improvement' you're mentioning actually *decreases* the search-space required for bruteforcing...