NIST recently revised their recommendations and removed password expiration as a recommended practice. I generally think it's better to use a password manager, use a different password for every service, and change the password on that service when there's evidence of a breach.

I must have completely missed this outage. According to their status page there were some attacks against their update system, but I never had any issues resolving names, either for my domains hosted with them, or with my free hosts.