I don't know exactly why, but the only logical reason I can think of as a justification for having to change my password on my company computer every couple of months is so that, in the rare case that I leave the company, I can't access the computers after a couple of months.
They (the IT guys) tout this measure as added security, but I believe that my passwords are now less secure. Why? Well, because I was able to remember them, but after so many changes I can't think of anything else that I know I will be able to remember after a weekend. So what do I do? That's right, sticky note next to the computer. Anyone at my desk can now find my password by just looking, not by guessing like they had to before. This is far less secure.
However, there is an even more sinister security hole that is made with frequent password changes that require many types of characters: they appear to be strong words when in fact they will be very predictable.
For example, a typical password choice might be: 12#$TY. Seems pretty secure, right? I doubt it is, and I bet it is on the short list for password crackers. Why? Because the password is just 1234ty, with shift being held down for the 34ty part. It is easy to type, easy to remember, and satisfies the three types of characters requirement.
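The check below is an added example, not part of the original post: it shows how a password-change validator could catch this pattern by mapping each character back to its unshifted key and looking for runs of neighbouring keys. It assumes a US QWERTY layout; the function names and the `min_run` threshold are hypothetical choices made for this sketch.

```python
import string

# Assumption: US QWERTY layout. Shifted symbol -> the key it is typed on.
SHIFTED = '~!@#$%^&*()_+{}|:"<>?' + string.ascii_uppercase
BASE = "`1234567890-=[]\\;',./" + string.ascii_lowercase
UNSHIFT = str.maketrans(SHIFTED, BASE)

ROWS = ["`1234567890-=", "qwertyuiop[]\\", "asdfghjkl;'", "zxcvbnm,./"]
POS = {ch: (r, c) for r, row in enumerate(ROWS) for c, ch in enumerate(row)}


def char_classes(pw):
    """Count the character classes a typical complexity rule checks."""
    tests = (str.islower, str.isupper, str.isdigit,
             lambda ch: ch in string.punctuation)
    return sum(any(t(ch) for ch in pw) for t in tests)


def adjacent(a, b):
    """True if a and b are neighbouring keys on the same keyboard row."""
    pa, pb = POS.get(a), POS.get(b)
    if pa is None or pb is None:
        return False
    return pa[0] == pb[0] and abs(pa[1] - pb[1]) == 1


def walk_runs(keys):
    """Split a key sequence into maximal runs of neighbouring keys."""
    runs, cur = [], keys[:1]
    for ch in keys[1:]:
        if adjacent(cur[-1], ch):
            cur += ch
        else:
            runs.append(cur)
            cur = ch
    return runs + [cur] if cur else runs


def assess(pw, min_run=2):
    """Report what the complexity rule sees versus what was actually typed."""
    keys = pw.translate(UNSHIFT)
    runs = walk_runs(keys)
    walk = bool(runs) and all(len(r) >= min_run for r in runs)
    return {"classes": char_classes(pw), "keys": keys,
            "runs": runs, "keyboard_walk": walk}


if __name__ == "__main__":
    for sample in ("12#$TY", "r7#Kp2"):  # second value is a constructed contrast
        print(sample, assess(sample))
```

A validator that rejects passwords where `keyboard_walk` is true closes the gap that a character-class count alone leaves open.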
So are our computers any safer now that we have to have complicated passwords that rotate every so often? I doubt it; determined hackers will easily be able to find patterns in the passwords or physical evidence of passwords. However, is it a pain in the butt to have to keep coming up with new passwords?