Proposed NIST Password Guidelines Soften Length, Complexity Focus Posted on May 4, 2017 by Simon Steed NIST’s latest password guidelines focus less on length and complexity of secrets and more on other measures such as 2FA, throttling, and blacklists.