Here, finally, a piece by one of the leading experts in computer security, Gene Spafford, about where the "need" to regularly change your password came from, and why it won't help much:

two highlights:
"In summary, forcing periodic password changes given today?s resources is unlikely to significantly reduce the overall threat"


"This is DESPITE the fact that any reasonable analysis shows that a monthly password change has little or no end impact on improving security!"

Read More about [myth about regular password change busted...