549
NIST proposes barring some of the most nonsensical password rules
(arstechnica.com)
This is a most excellent place for technology news and articles.
Another ridiculous policy I've seen (many years ago) is logging in too fast. I used to get locked out of my banks website all the time and I used autotype with KeePass so I was baffled when it wouldn't get accepted. Eventually I had a thought to slow down the typing mechanism and suddenly I didn't get locked out anymore.