Working in IT my biggest beef is with so called security experts that insist that the best password is the one you have to change frequently. Bullship! The best password is one which is bulletproof, and can last a lifetime. Give me an 11 space, alphanumeric, non- dictionary based password, and you can have security for life. Make me change it every 30 days and I’ll soon change it to something easily remembered, and most likely sequential. So if one is a sports fan, the usual password is sportsteamyear, e.g. RedSox17, have kids? kidsnameyear, petsnameyear, etc. In many cases forced change only results in the password being on a post-it note somewhere on or near the computer.