Hackers take the path of least resistance..........passwords are only one hurdle to a breach!
Neither password strength nor password changes keep a real hacker from the goal of breaching a network.........2 factor authentication ought to be a must for anyone who wants REAL secure access (puts a minimum of two hurdles in the path). Then you can have a password that is somewhat memorable and not have to change it because the 2nd factor is constantly changing. Second factor authentication is affordable (FREE....Google Authenticator) for all or minimal cost (Authanvil or Lastpass) at best so there is no reason everyone cannot go beyond single factor authentication (password only......too easy to hack regardless of strength or frequency of change) to using something of today's technology to secure access to nearly anything.
Keep Up with TechRepublic