It is frustrating and harassment to force us to change every employee's password on an annual basis, and it's totally unnecessary. I've been using dentrix since 1993, with the same password, and there have never been any problems from that. These are the kind of dumb changes that just make your customers mad.
This is also a Sarbanes Oxley NO NO *wink*
From a seasoned security professional, I vote down this change.
Disabling will cause a HIPPA violation, if your network is not secure. Password changes should be 30 days to ensure security measures.
Easy example that I can guess.
*I bet you have used the same password for multiple accounts online. Banks, email, pizza, etc. If you have, the password that is hacked will be used. *wink*