Originally Posted by
GUWonder
Increased frequency of password changes does provide some increased account security.
The industry is beginning to disagree with that point of view - essentially where you have mandatory password changes people tend to use simpler passwords and then alter them in a very predictable way after each reset. In the end it's felt that any security benefit gained from having changing passwords is offset by the simplicity / predictability of passwords used.
There's a good blog post about this at
https://www.ftc.gov/news-events/blog...ssword-changes