Instead of changing the many passwords that we need to enter every 60 or 90 days, we should be allowed to choose one password to last indefinitely. Also, make stronger requirements for a long-lasting password. Include letters, characters, and numbers, and make sure it is sufficiently long.
It only takes five minutes to change a password, but with multiple passwords changing frequently, the time can add up. Also, time is lost when a user gets locked out because they forgot their new password.
As far as security goes, what villain would go to the trouble of acquiring a government password and then wait a month to act on it?
Granted, there is the danger of long-term use if a password is discovered, but in many cases it is fairly easy to guess the next password in a series. (I know you advance the last number once every time you change it, but don't worry, your identity is safe with me.) There are also users who use the same password across multiple accounts, and it isn't hard to figure out user names for government employees.
I think it would be better to have stronger passwords to keep unauthorized individuals out of our system than to have a series of weak passwords in an attempt to mitigate damage after a month of access.