Does your bank request/require that you change the PIN on your ATM card every few months?
ATM cards are not passwords, they are a coarse form of two-factor authentication - You have the card, you have the PIN.
You have to possess both in order to transact - at least in in theory.
Compare that with the secrecy surrounding the CVV - the "last three digits on the number on the back of the card" which you are "not meant to tell anyone" and which _will_ be different if your card is lost/stolen and reissued.
If I'm not supposed to not "tell anyone", why is it even printed where I can read it? ---- [Context is only having so-many brain cycles to memorize passwords.]
It's harder as we get old. Use technology to aid with the heavy lifting. :-)
Right. But the meta problem is figuring out which technology to trust. Phishing is the tip of the iceberg on social engineering. So far, the bad guys are winning. -- These are my opinions. I hate spam.