Passwords are like keys to the locks of your online accounts say Facebook, Gmail, Twitter and many more. Passwords are made so that only you can access your account and no one else has the authority to access your account without your permission. Created mainly for security purposes, they are required to ensure that no one tampers with your account and all your information remains safe. But with growing cybercrimes, hackers are doing everything to get into your online account that’s why now IT security stack exchange made some policies that will make you change your password in 90 days; otherwise your password will expire, to ensure your account security.
The expiration polices come handy when a hacker breaks in your password and tries to steal the important information or corrupt the system. These policies also help in protecting some important old back up or other important information from the attacker.
Generally, when a hacker tries to get into your account and acquire the shadow password file, then even you may not be able to access your own account. Once the hacker has your password now there is no way to stop the attacker from getting into your account unless you change your password in the time.
If your hash algorithm is strong enough then it can hold the security till 90 days but after that your account can easily be hacked. So, for that reason sometimes when you log in, it shows your password has expired. To prevent this annoying problem it is better to change your account password in a span of 45 days. It is one way to keep your account and computer secure and force you to change the password periodically.