In every organization I have worked with managing user authentication and passwords was a huge challenge. The key issue was that the "old" password best practices were **failed attempts to fix the user, not the system**. This post Finally: Some Sane Password Advice first appeared on Dan Stroot's Blog
