An IT security consultant has made three primary recommendations regarding passwords:
1. Prohibit guessable passwords such as common names. Require special characters and a mix of caps, lower case and numbers in passwords.
3. Reauthenticate before changing passwords.
4. Make authenticators unforgeable.
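
The three recommendations combined in one password-change handler, as an added example that is not part of the original page. The names (SERVER_KEY, COMMON_NAMES, store, the token layout) are assumptions made for illustration, the denylist is a constructed sample, and token expiry is left out to keep the focus on the forgery check.

```python
import hashlib, hmac, os, string

SERVER_KEY = os.urandom(32)                 # assumption: secret known only to the server
COMMON_NAMES = {"michael", "jennifer", "password"}   # constructed sample denylist

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _tag(user):
    return hmac.new(SERVER_KEY, user.encode(), hashlib.sha256).hexdigest()

def issue_token(user):
    # Recommendation 3: the authenticator carries a MAC nobody can compute without SERVER_KEY.
    return f"{user}.{_tag(user)}"

def verify_token(token):
    user, _, tag = token.rpartition(".")
    ok = hmac.compare_digest(tag.encode(), _tag(user).encode())   # constant-time compare
    return user if ok else None

def policy_errors(password):
    # Recommendation 1: no common names, and all four character classes present.
    errors = []
    if any(name in password.lower() for name in COMMON_NAMES):
        errors.append("contains a common name")
    if not any(c.isupper() for c in password):
        errors.append("no upper case")
    if not any(c.islower() for c in password):
        errors.append("no lower case")
    if not any(c.isdigit() for c in password):
        errors.append("no digit")
    if not any(c in string.punctuation for c in password):
        errors.append("no special character")
    return errors

def change_password(store, token, current, new):
    user = verify_token(token)
    if user is None or user not in store:
        return "rejected: invalid authenticator"
    salt, digest = store[user]
    # Recommendation 2: a valid session is not enough; the current password is required.
    if not hmac.compare_digest(hash_password(current, salt), digest):
        return "rejected: reauthentication failed"
    errors = policy_errors(new)
    if errors:
        return "rejected: " + ", ".join(errors)
    new_salt = os.urandom(16)
    store[user] = (new_salt, hash_password(new, new_salt))
    return "changed"
```

The checks run in that order so that a forged token or a failed reauthentication reveals nothing about the password policy.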