Your password is either compromised, or it isn’t. Changing it every now and then won’t help against that.

The RU server’s the eldest sibling and gets all of the cool stuff first, and more of it.

The EU’s second and while not getting as much as RU gets more than the NA server

The SEA server’s the youngest and gets all of the attention from WG, who wants to increase the size of the playerbase on that server (hence the “Migrate to SEA” events that show up every few months or so)

The NA server gets the leftovers, and besides The_Chieftain we don’t really have a whole lot going for us.

Well . . .

Here are the possible reasons for changing your password:

1) It was a poor password to begin with. Unfortunately, this is usually the case, as has been demonstrated by widely public database breaches.

In this case, changing the password probably won’t do much good, the people who chose good passwords are inconvenienced for no reason whatsoever, and those who chose poor passwords will probably choose an equally crappy replacement.

2) They put an unreasonable requirements on the password, limiting the entropy.

This is not the case with Wargaming, as KeePass says I have a password with 100 bits of entropy. Hackers are unlikely to crack good passwords by brute force, unless Wargaming does something stupid with your password, like store it with a weak hashing algorithm.

If they did everything right, your password shouldn’t be able to be cracked in a million years, much less in month.

3) They got hacked.

In which case, they should force people to change their passwords immediately, no excuses.

—-
The reason why a lot of businesses internally do a regular password reset is because of bad habits of people – saving passwords on post-its, sharing passwords with coworkers, etc. They just want to limit the effectiveness of rogue passwords.

The business is highly responsible for the actions of their employees, so there is a big incentive to “clean up” the passwords every once in a while.

However, for this to be effective, they have to *force* employees to change their passwords – they can’t be nice and request it to be changed.

Things are a bit different for outside the business – it’s expected that we, the player, is responsible for our password, and we’d probably throw a big fit if password changes were mandatory. If I were to share my password, I’m responsible for the breach, not Wargaming.

—-
TL;DR: You don’t really have to change your password monthly to be secure, if you had a good password to begin with and don’t share it.

In fact, if they really want to push for stronger authentication – they should consider offering authenticators and authentication apps, like Blizzard has been doing for their products.