>>EthanH+(OP)
> Do not give long-lived credentials to your users.
This screams "we'll use more post-it notes for our passwords compared to before", or maybe the real world to which this memo is addressed is different compared to the real (work-related) world I know.
>>pagane+PF
It specifically calls out not requiring regular password rotation. Short-lived credentials is for tokens with expiration, not the password you use to login to the service that gives you the token.