FWIW, I know a site running Authentix that has a shared password that has been listed on various password sites for about 8 weeks... and the password still works.

I didn't realize that Authentix was a password security thing, the webmaster mentioned it in passing and i thought it was something else.

Maybe they don't have it implemented correctly, but I was surprised to say the least.