Must of been a big brick...

Another reason to change passwords periodically is social engineer attacks, your passwords might be uncrackable for the next 20 years, but all it takes is one user to give out his or her password to someone else and they are in until you find out that they are in and where they came in, assuming you do find out that someone stole a password.

People are lazy. They dont like to memorize passwords. One of your users may deside that he or she does not want to remember a new password and use that same password in another location such as on a website. Maybe the website stores the password in plain text or some method that is easily breakable. Websites have data stolen all the time or the website owner may not be the most honest person.