In a beautifully irreverent tone, Brian Barrett from Wired magazine took on the long-standing and much maligned "password expiration" policies that have become a mainstay in most modern businesses. You may know password expiration by its more familiar Active Directory message, "Your password will expire in 14 days. Do you want to change it now?" No. Sorry, force of habit. Most organizations and banks, in particular, have been good soldiers of security and implement impossibly difficult password requirements with astonishingly short expiration periods. All of this has led to a situation where users either come up with a creative means of barely altering a favorite password or they forget it all the time or they write it down. None are beneficial to actual security. These expiration policies more resemble flailing and yelling at an armed assailant. Sure it might work, but it's just as likely to not work.