Since never changing your password isn’t generally a realistic option, and some sites actually prevent you from using good passwords and, even better, passphrases, we’ve produced a number of articles and papers on the topic to help make it easier to follow good practice, even when your provider seems set on preventing it. Here they are as a list, to make it easier to follow.
The Boston Globe suggested that changing passwords is a waste of time, based on their interpretation of an article by Herley Cormac. Cormac's paper – well worth reading, by the way - reinforces a point that has been made many times both by me and by the "user education doesn't work" lobby. While I don't believe that education is useless,