>OTOH, you should be grateful that your passwords are allowed to exist as long as 6 weeks. I'm not kidding here - a lot of organizations are much stricter than that - and in many cases, rightfully so. I could certainly see it for your organization.

The 6 week password change has frustrated people so much (they forget their passwords) that they do the following:
- share accounts and passwords
- someone logs the computer in the morning and leaves it going for everyone all day
- avoid using the computer system

Thus the technique has backfired. I believe we should follow the lead of the banks. On pin (password) and you change it if and when you want.