Katie Couric's Notebook: Passwords

I bet this happens to you, too. You log onto your bank account to pay a bill and get a message that your password's expired.

Sure, it's annoying, but it only takes a minute - plus picking a new password makes your information safer, right?

Well, maybe not.

According to a study by Microsoft researcher Cormac Herley, changing your password every few months is usually just a waste of time. He argues anyone who steals it will use it right away. So, changing it later is like closing the barn door after the horse has bolted.

Instead, Herley suggests you follow the advice we've heard for years. Pick a password that's hard for someone else to guess. If you go with something common like "ABC123" or the word "password" ... you're just handing hackers a digital key.

Just make sure it's something you can remember. Otherwise by the time you finally memorize it - someone's going to make you change it.

That's a page from my notebook.

I'm Katie Couric, CBS News.