Just to be clear: there is no reason anybody should be typing a password in 2025, other than maybe their master password for a keyvault. Also, 14 characters is not secure*. It needs to be at least 16, and that’s if you generate it randomly.
Four randomly selected words, XKCD style is also good
according to Jeremi M Gosney, yer best source for password cracking and defense
Just to be clear: there is no reason anybody should be typing a password in 2025, other than maybe their master password for a keyvault. Also, 14 characters is not secure*. It needs to be at least 16, and that’s if you generate it randomly.
Four randomly selected words, XKCD style is also good
Aren’t dictionary bruteforcing really efficient ?
Kind of, but also it doesn’t matter much: https://techcommunity.microsoft.com/blog/microsoft-entra-blog/your-paword-doesnt-matter/731984
In the context of things that rely on passwords for security it matters very much.
The Microsoft blog post that you reference is about their systems which displace that reliance, for both better and worse.