I've been going through my aging and weak passwords since version 4 introduced the security audit. I do so every week for about 10 minutes and by now I don't have any duplicate passwords and in the 3+ category any longer.
The problem with some of the passwords is now that I can't change them ever because they are given to me by "upstream" entities (like access codes for buildings). Or alternatively some passwords I can never make "strong" because the site (banks, sic) forces insane rules.
The benefit of the security audit to me is that I can just go through those lists and identify passwords that I should take action on.
However, now that I've gone through most of them, the lists are loosing a lot of value because they get the noise described above and I have to look real hard to find passwords I can take action upon.
If I could make a wish I'd imagine an improvement like this:
What do you think?
Great that you introduced the audit!