
NIST recommendation: Use random generated passwords - fulldecent
https://github.com/usnistgov/800-63-3/issues/449
======
pixpop
Doesn't that result in them being written down? How do you remember fifty or
so randomly generated passwords?

~~~
fulldecent
You don't. If you can remember it, it will be guessed by a script.

------
fulldecent
NIST has a draft recommendation regarding password security in SP 800-63B.
This issue discusses amending this to have systems generate a randomized
password. This would be preferred rather than users generating their own
passwords.

The idea is to fix the problem of password reuse (XKCD 792).

