Re: IT security? Ha!
Regularly changing the password can often be detrimental...
Chances are the root password for suse and mysql cannot be directly used externally, SSH is likely configured to disallow root logons and mysql is often configured not to allow remote connections, making the root password only useful if you have physical access to the console or access to an unprivileged account that is able to run 'su'...
Similarly if using modern hashing its unlikely a 12 character password will be cracked unless its dictionary based, and thats assuming you can get a copy of the hashes.. If you can get the hashes you usually already have root, but people reuse passwords across multiple systems and hashes can sometimes be lifted from backups or installation images.
If your password is complex and rarely changed, people who need it can remember it...
If your password has to be changed regularly, then people are unlikely to keep remembering new random passwords, instead they will cheat - either using simplistic passwords (dictionary words, formulaic and predictable passwords etc), or write their passwords down. Most companies require users to change their passwords monthly, and huge numbers of those users use a dictionary word as their password with a number on the end that either relates to the month/year in which the password was set, or simply increments with each change.
Personally i never change the root passwords on my servers either. To use them you need physical access, all remote access is via SSH with keys.