Change Your Passwords How Often

In the limit, if we change passwords on each use, someone watching sessions cannot reuse an old password. That's true, but if we change passwords every other use, watching sessions has a 50% chance of reuse on each try, and one success may allow the attacker to plant a Trojan Horse for unlimited reentry. The "in the limit" case is not particularly helpful here. If a password can be surveilled technically, it's also likely that the session can be taken over by a man-in-the-middle attack, in which case the password really isn't the problem.