Changing passwords on a regular basis to improve security has been a part of the security scene for so long that no one questions its wisdom. Certainly provides a line of defense against unknown password compromise or failure to change passwords after working responsibilities change.
It can backfire when there is little or no possibility of an unauthorized password holder. The need to remember changing passwords lead to them being written down on post it notes or stored somewhere in your computers files.
I would like to hear from you, How often are passwords changed in your organization? What should the interval be, and why?