We’ve said for years (possibly decades) that frequent password changes don’t necessarily make systems more secure. Now the National Institute of Standards and Technology has issued draft recommendations encouraging longer passphrases, rather than passwords, and doing away with frustratingly or ridiculously frequent forced changes. (Anyone installed Quickbooks 2016 recently?) We have liked long, easy to remember phrases and 2-step/2-factor authentication for a long time. Read more about the whys and hows here: https://www.washingtonpost.com/news/the-switch/wp/2016/08/11/theres-a-new-way-to-make-strong-passwords-and-its-way-easier/