• cge a day ago

    This article appears mistaken about which parts of the guidelines are new.

    The recommendation against periodic password change requirements, for example, has been part of NIST guidelines for years, in previous versions of this document. This has not kept a large number of US federal and state government agencies from requiring periodic password changes, sometimes even stating that it is a regulatory requirement. It's not clear that the NIST guidelines have any effect whatsoever on the very government NIST is part of.

    • spott a day ago

      The recommendation for periodic password change requirements is changing from SHOULD NOT to SHALL NOT, which hopefully will have an effect on things moving forward.

    • Glant 2 days ago

      > Verifiers SHALL verify the entire submitted password (i.e., not truncate it).

      That'd be a nice world to live in. I love making an account with a service just to not be able to log in because the password that the sign up form allowed is too long for the log in form.
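
The mismatch described in the last comment, as an added example that is not part of the thread or of any real service's code: a verifier whose sign-up and login paths truncate at different lengths locks the user out, and one that truncates consistently accepts any password sharing the retained prefix. The class names, the limits of 16 and 64 characters, and the use of PBKDF2 are assumptions made for illustration.

```python
import hashlib
import hmac
import os

def kdf(password: str, salt: bytes) -> bytes:
    # PBKDF2 from the standard library; the iteration count is illustrative.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)

class TruncatingVerifier:
    """Flawed: sign-up and login each silently cut the password to their own limit."""
    def __init__(self, signup_limit, login_limit):
        self.signup_limit, self.login_limit = signup_limit, login_limit
        self.db = {}

    def enrol(self, user: str, password: str) -> None:
        salt = os.urandom(16)
        self.db[user] = (salt, kdf(password[: self.signup_limit], salt))

    def verify(self, user: str, password: str) -> bool:
        salt, stored = self.db[user]
        return hmac.compare_digest(stored, kdf(password[: self.login_limit], salt))

class WholePasswordVerifier(TruncatingVerifier):
    """Hashes the entire submitted password; over-length input is refused, never cut."""
    def __init__(self, max_len: int = 64):  # 64 is an assumed maximum
        super().__init__(None, None)  # a [:None] slice keeps the whole string
        self.max_len = max_len

    def enrol(self, user: str, password: str) -> None:
        if len(password) > self.max_len:
            raise ValueError("password longer than the stated maximum")
        super().enrol(user, password)

    def verify(self, user: str, password: str) -> bool:
        return len(password) <= self.max_len and super().verify(user, password)

def demo() -> dict:
    chosen = "correct horse battery staple"      # constructed sample, 28 characters
    lookalike = chosen[:16] + "-something-else"  # shares only the first 16 characters
    mismatch, both_cut = TruncatingVerifier(64, 16), TruncatingVerifier(16, 16)
    whole = WholePasswordVerifier()
    for verifier in (mismatch, both_cut, whole):
        verifier.enrol("alice", chosen)
    return {
        "locked_out": not mismatch.verify("alice", chosen),
        "lookalike_accepted": both_cut.verify("alice", lookalike),
        "whole_accepts_chosen": whole.verify("alice", chosen),
        "whole_rejects_lookalike": not whole.verify("alice", lookalike),
    }
```

Calling `demo()` returns `True` for all four keys: the mismatched limits lock the user out, the consistent truncation accepts the look-alike, and the whole-password verifier does neither.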