At the end of the standard, cite one reference for your recommendations. Remember in this exercise that CSI appears to be challenging the old-school 8-character complex password rule. If you wish to challenge that rule yourself, or reinforce that rule and continue to use it, you need to supply at least one reference, and more would make for a more effective argument. Your citation does not need to be in any formal citation style. Ensure that your citation is good enough to find the reference.
This must be an original work. Do not rely on publicly available templates to fill in. Because this is a concise and focused paper, some matching will be detected by the SafeAssign tool. It is common for subject headers to match previous submissions. You may get a match score in the 30% range. Don’t worry about that. I’ll be looking for original work in the body of the paper. Bottom line – you’re a creator, not an editor.
Read examples of password standards online. Some organizations may call them password policies, which is confusing, but that ‘policy’ will focus on specifics on how to put a proper password together. You also will find some authoritative recommendations from NIST (National Institute of Standards and Technology). Happy Googling.