Contributors to this thread:

Part of our cybersecurity training we have to undergo at USyd. But is this quite right? surely if I am following all other recommendations, including my personal details in my /password/ makes it easier to remember, makes it longer, while harder for dictionary attacks to succeed?

image.png 49.16 KB

Seems it is a best practice recommended by NIST. However, it is very limited in what should not be included.