Security experts have been saying for decades that human weakness can trump the best technology.
Apparently, it can also trump conventional wisdom.
Since passwords became the chief method of online authentication, conventional wisdom has been that changing them every month or so would improve a person’s, or an organization’s, security.
