Bug#656509: user-setup-udeb: Please consider amending password advice
A good password will contain a mixture of letters, numbers and
punctuation and should be changed at regular intervals.
Complexity in a password is good and probably unarguable, although
length should also be considered to have some importance, Why advise
changing it at regular intervals? Why not advocate not imparting it to
anyone or not reusing it on other systems? Is there something which
causes a good password to degenerate over time?
The second part of the advice does not appear to have any technical
basis so removing it would be of little consequence.