For as long as corporate IT has been in existence, users have been required to change their passwords periodically. In fact, the need for scheduled password changes may be one of the most long-standing of all IT best practices.
Recently, however, things have started to change. Microsoft has reversed course on the best practices that it has had in place for decades and no longer recommends that
Source: Read More (The Hacker News)