a semi-permanent psa on passwords

Passwords should never expire: https://www.sans.org/security-awareness-training/blog/time-password-expiration-die

Passwords should not be changed often: https://www.schneier.com/blog/archives/2016/08/frequent_passwo.html

Password “complexity” is — mostly — a joke: https://www.xkcd.com/936

You have been breached: https://blog.augustschell.com/passwords-passphrases-complexity-length-crackability-memorability-data-breaches

Passphrases are better than passwords — and https://password.ga will generate them for you (it will also generate random passwords that pass complexity requirements)

Use a password manager of some kind

Originally published at antipaucity.