Periodic password change – an extra layer of security or just a burden to your employees?

For a long time, a good password policy has had 3 key factors: strong passwords, periodic change of passwords, and activation of Multifactor Authentication. Nowadays the value of periodic password change is questionable and many organizations, like NIST and Microsoft, find this obsolete and worthless.