You were right: It’s a waste of your time. A study says much computer security advice is not worth following.

Please do not change your password

[U]sers are admonished to change passwords regularly, but redoing them is not an effective preventive step against online infiltration unless the cyber attacker (or evil colleague) who steals your sign-in sequence waits to employ it until after you’ve switched to a new one, Herley wrote. That’s about as likely as a crook lifting a house key and then waiting until the lock is changed before sticking it in the door.

You change passwords for much the same reason you would change codes — to keep ahead of someone who is stealing periodically updated information from you. But it’s not going to help protect static information, like your credit card information and bank account numbers. Once you’re hacked, that will be compromised.