How Often Should I Change My Password?
If you work for a company then you should first check your IT security policy to see how often you should change your password.
If your company doesn’t have a specific policy or you are considering passwords for personal access, if you have a strong password in place there is no need to change it, unless you think it has been compromised. You should also use Multi Factor Authentication wherever possible.
Changing passwords regularly can often lead to individuals choosing either an easy to remember and insecure password or they may write the password down, purely for minimal disruption and ease to continue to do their job. It also tends to lead to password re-use (using the same password across multiple systems). All of these are more likely to lead to a compromise of the account.
Whilst changing passwords more regularly does help to prevent specific types of password attacks, on balancing this risk with the factors above it is now widely accepted that regular, enforced password changes is not necessary.