Password rotation isn’t necessary anymore according to NIST. Use long/strong unique passwords combined with MFA.
Furthermore, public wifi risk is overblown. As long as you ensure encrypted communication, you’re good.
This has no direct effect on privacy by the way.
Source: I’m an information Security manager.
Better use a cipher then for your pen and paper transmission. Invisible ink as well.