Bruce Schneier recently confirmed that frequent password changes are a bad idea. In his post, he refers to research which shows that the use of incremental changes by most users makes passwords easy to guess. But can we dispense with the need to change passwords entirely? According to advice from the UK government we can.

File Attachments