Depends on what your recovery model is. If it it full recovery I'd avoid running dbreindex because the opreation is logged - so you;re looking at 27 Gb transaction log....
Have you checked the security log? Look for any account management events in the security log and hopefully it'll display who changed the password, from what workstation etc.