Many times, I have seen the advice to change a password frequently. In general, and specifically in the current situation, why? In the absence of any evidence of a compromise, it seems like changing the password is merely inflicting an inconvenience on myself. It especially baffled me when I was required to change a password every 60 or 150 days to some different, 15+ character string including upper case letters, lower case letters, numbers, and symbols and not one of the previous 10 passwords—and then be told to memorize it and don't write it down.

If someone is trying to brute-force crack a password, then it seems like I am just as likely to change the password to the next character string the bad guy uses as the string just used in an attempt. In other words, I am as likely to shoot myself in the foot as not.

The only reason I can see to change a password (in the absence of evidence of shenanigans) is if I believe someone is using my credentials to peruse something but not actually taking anything like points. What am I missing?