Allow me to point you to several sources over the last few years on why frequent password changes are bad:Time to rethink mandatory password changes | Federal Trade CommissionFrom NIST - the United State National Institute for Standards and Technology.Q-B5: Is password expiration no longer recommended?A research paper from University of Maryland on why bits of entropy in a password matter more than rules like At least one uppercase letter, one lowercase letter, a number, and a symbol.http://www.cs.umd.edu/~jkatz/security/downloads/passwords_revealed-weir.pdf I think I'll believe the security experts over T-Mobile's security decisions.
T-mobile is way behind the times on this. It used to be best practice to change your password every few months to prevent someone from being able to repeatedly try to log in as you, with a new password guess each time. Now, it's considered significantly more risky to force a password change frequently because it increases the risk that people will write the password down somewhere like a notepad near the keyboard or a stickynote in the wallet. Unfortunately, T-Mobile's idea of security is to irritate enough customers that they leave for other providers, thus reducing their risk.
Already have an account? Login
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.