The new password guidelines from NIST seem eminently sensible: 1) No periodic password changes; 2) No imposed complexity; 3) Disallow weak passwords. Wonder how long before they’re widely adopted.