Bruce Schneier discusses passwords and how often they should be changed.
How often should that be? Schneier says it depends on what a password is used for. The more people have to change their passwords, the more likely they are to choose ones that are easy-to-remember – and easy-to-guess.
Credentials with biometrics can diminish the importance of passwords, Schneier adds. He provides a lengthy treatise on passwords as part of good security practices.