Do you use expiring or non-expiring password for the instance owner? Single-partitioned instances.

Non-expiring, unless you are suicidal.

As per their security standards, a user id that has SYSADM, SYSMAINT or SYSCTRL can't have a non-expiring password. So, we might have to change them all to expire. This is a headache to remember to change the password on all servers and there are quite a few.

What happens if the instance's password get expired and we forget to change it on time? As far as I know, the instance will continue to run but any application that's using the instance id to connect to the db will get an error. Also, "sudo su - 'instance'" will fail and prompt to change the password? Will anything else be affected?

su, when run by root, does not care if the password is expired or even if the account is locked.

We sudo from our personal id's. I'm not too worried about not being able to su to the instance owner, I'm more concerned about anything else that could be impacted if the instance's password get expired.