NIST: Longer passwords beat complicated ones

Password requirements are often needlessly complex, according to the standards-setting body, which has proposed rules for government agencies.