You've probably heard this before from computer experts: If you want to be as safe as possible, you should change all your passwords once a year. But is that really true?
A guy named Glenn Fleishman has written a bunch of books on cyber security. And he says it's NOT really true. If a password is sufficiently strong and hasn't been leaked on the dark web, it's overkill, and you don't need to change it EVER.
There are two things to be careful about though . . .
1. Make sure it really is a strong password. Adding numbers and special characters makes it stronger. Ideally, it should be at least 12 characters long.
2. Don't use the same password on multiple sites. That DOES increase your chances of being hacked, because if your password for one site leaks, they can access multiple sites. But he says it's not a big risk if you have different passwords for different sites.
His suggestion is to use your computer or phone's password manager, and let it generate and save secure passwords for you.
Then NEVER change them unless you find out one was part of a data breach.