Most of what we've been told over the years about what makes a good password has been wrong, so it's no surprise most people pick bad passwords. This talk will cover the history of password policy and password cracking starting from the days before computers had passwords up to modern password cracking and modern protections against it. Along the way I'll cover Richard Stallman's little-known history as a password cracker, the golden days of password guessing featured in movies like Hackers and WarGames, and draconian IT password policies and why they don't work. By the end everyone should have plenty of ammunition to take back to their IT department and get rid of those horrible password policies.