Is there any evidence that passwords meeting KLM's criteria are more secure than any other combination of 8 - 12 characters?
Restricting options this way just invites people to pick Qwerty1234 or similar easy to remember variations on that theme which I encounter a lot.
Johan