It is a common assumption that changing your password more frequently makes your system more secure, but the truth seems to be different: frequently changing your passwords weakens your security. Lorrie Cranor, the Federal Trade Commission's Technologist, and other security experts believe that a very strong password is enough to keep a system secure, and that this works better than changing passwords frequently. This does not mean that passwords should never be changed; it only suggests that they be changed after a long period of time rather than regularly, as most organizations require their employees to do.
Reasons Why Frequently Changing Passwords Is Counterproductive
First, frequent password changes do not inspire creativity in creating new passwords. Most people change their password only because they are required to, and therefore don't choose the new one diligently.
Secondly, most people will tend to pick a phrase or combination that is similar to the one they used in the previous password. This is what experts call transformation. It could be dangerous to the system, because the new passwords may be susceptible to cracking by hackers, who might follow the pattern and predict the new password based on your previous one.
Instead of changing passwords frequently, people should consider choosing a more powerful password and sticking to it for a long period of time, such as 1 year. Over that time, they will be creative enough to come up with another strong password instead of following the pattern of the previous one. If you still insist on frequent password changes, then it is important to use a password manager that will help you come up with new and creative passwords.
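The transformation pattern described above can be caught at the moment a password is changed. The following is an added example, not code from the original article: a check that flags a new password that is only a predictable variant of the old one. The function names, the substitution table and the 0.8 similarity threshold are assumptions chosen for illustration.

```python
import string
from difflib import SequenceMatcher

# Fold common character substitutions back to the letters they stand for.
LEET = str.maketrans("@4301!5$7", "aaeoiisst")
EDGE = string.digits + string.punctuation

def skeleton(pw):
    """Base word: drop leading/trailing digits and symbols, lowercase, undo substitutions."""
    return pw.strip(EDGE).lower().translate(LEET)

def transformation_of(old, new, threshold=0.8):
    """Return a reason code if `new` is a predictable variant of `old`, else None.

    Assumption: called from the change-password handler, where the user has
    just typed the current password, so no plaintext history is stored.
    """
    if new == old:
        return "identical"
    if new.lower() == old.lower():
        return "case-only"
    base_old, base_new = skeleton(old), skeleton(new)
    if base_old and base_old == base_new:
        return "same-base"
    # Catch small edits (one added or changed character) the rules above miss.
    if SequenceMatcher(None, old.lower(), new.lower()).ratio() >= threshold:
        return "near-copy"
    return None

if __name__ == "__main__":
    # Constructed sample pairs (old, new); not taken from any real system.
    samples = [
        ("Summer2023!", "Summer2024!"),
        ("P@ssw0rd1", "Password2"),
        ("bluegiraffe", "bluegiraffes"),
        ("Summer2023!", "correct-horse-battery-staple"),
    ]
    for old, new in samples:
        print(f"{old!r} -> {new!r}: {transformation_of(old, new) or 'ok'}")
```

A password generated by a password manager shares no base word with its predecessor, so it passes this check.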