Explore the evolving landscape of password security in this 57-minute conference talk from BSidesLV 2016. Delve into Jim Fenton's insights on improving password requirements, covering topics such as the SP 800-63-3 update, guiding principles, and standards language. Learn about crucial aspects of password management, including maximum length, character sets, composition rules, and dictionary usage. Examine the implications of verifier storage, secret display practices, and memorized secret expiration. Gain understanding of pre-registered knowledge, out-of-band authenticators, and the role of biometrics in modern authentication. Engage with the ongoing conversation surrounding password security and discover strategies for implementing more effective password policies.