One of the main conceptions of a highly secure environment, with a lots of GPOs interlinked and enforced, is the mental-make up of having a strong password policy. On the contrary, there is a wide-open possibility of a "password policy slip". These users can go unnoticed, unmanned for password change and undeniably open doors for threat. 

Some of the advantages of changing passwords, at regular intervals are, 

1. Compromised employees who have been using your password cannot snoop in and remain, over an extended period.

2. Reduces the risk of password cracking, especially if the password phishing time is greater than the interval of password reset. 

3. Encourages security for data and resources, within employees. Also, promotes the need for more. 

ADManager Plus provides exhaustive reports on passwords and once such report is   Password Unchanged Users. Through this report, you can identify accounts and probe why passwords have not been changed(if all accounts are from the same OU - a policy linked with that OU) and enforce password change.