I'd like to know our gut feelings

I've noticed no real differences I can put my finger on but of course that is not to say there aren't any. I was caught out a long time ago using the same password at multiple places and learned my lesson then so my perl monks password was not used elsewhere. As a result, the worst thing that could have happened (had my password been outed as it appears it was for some) is that someone could have logged into perl monks and pretended to be me . I have difficulty in imagining that could have caused any real long term harm that could not have been put right (as a mere Pilgrim I didn't have much to lose anyway).

The fact that the password is still 8 characters and may or may not be disguised/hashed whatever in the database still to this day does not overly concern me other than what the world outside might think about it.

The "Users, please read the following important update: Status of Recent User Information Leak" message seems to have been on the monastery gates for a long time now and I wonder if that might put some people off joining. As far as I can see it serves little purpose for any anonymous visitors and in any case a) how many signed up members start at the monastery gates b) often you cannot see the message because a front paged article is formatted such it is off the right of the screen.

"did the exploit change the behavior of monks in any way?"

I'd guess most changed their password to something they do not use elsewhere ;-)