Personal Access Token returns 401 with 'bad credentials'

The personal access token I was using is not left idle for at least 1 year and is still visible under my account (which I suppose it means it wasn’t deleted by itself). But when I use it, it returns 401 with text ‘bad credentials’.

Is there a hidden expiring period for the personal access token by default? The token itself hasn’t been created for a year (it is created about 2~3 months ago) so there’s no way for it to be idle for a year. The token works fine back then but it stops working recently.

BTW, after regenerating the token and replace the old one with the new one, the problem is fixed. Just want to know how can I prevent this from happening again.