“It might be getting easier to remember all of your passwords. The standards organization of the United States, NIST, has concluded that many common requirements for passwords, like forcing you to use special characters, are misguided.
Instead, NIST recommends the use of lengthy passwords, and instructs administrators to allow passwords to run at least 64 characters long. It also says people should only be forced to change their passwords if there is evidence of tampering, rather than at an arbitrary interval.
The newly finalized guidelines attempt to balance the limits of human memory with proper digital security. A password with special characters may be hard to remember but easy for a computer to guess. On the other hand, a long and simple password is easy for a human to remember and actually very difficult for a computer to guess.”
Source: The US government’s requirements for passwords has changed — Quartz