Rules concerning passwords can be different depending upon the use case. A normal home user can get away with a standard 8 – 12 character password as long as it has some upper-case characters and numbers in it.
A business would require more security, physical security of the actual hardware and a stronger password, like 12 – 24 characters with many upper-case characters and numbers. This would be enforced with a strong password policy and changing passwords regularly. Using a VPN to connect remotely to the business and then accessing services on the network securely would be ideal.
A large corporation would have very secure passwords, this would possibly involve alternative authentication methods to allow connections securely. a RADIUS server would be a good way to allow secure connections to a remote server. RADIUS over TLS is designed to provide secure communication of RADIUS requests using the Transport Secure Layer (TLS) protocol. This would provide even more security for a remote connection. Using RADIUS authentication with Azure Multi-Factor Authentication would be the most secure option.
There is a guide here: https://www.juniper.net/documentation/us/en/software/junos/user-access/topics/task/radsec-configuring.html. This is how to set up RADIUS over TLS. One consideration of these systems is physical security and what to do when a laptop is stolen. Encryption/authentication keys may be revoked and then access will not be possible. But the aforementioned Azure Multi-Factor Authentication would really help secure such a critical system. Using encryption would be very important when roaming and using untrusted networks. A VPN is very useful when using the Internet to connect to a local network. The user connects to an IP address, then access is granted to a local network over NAT to grant secure encrypted access to local services.