Mautic Community Forums

Password Expire Policy

My idea is:
Add a password expire policy: eg. after a configurable amount of time (eg. 6 month) the user is forced to change password on login

I think these groups of people would benefit from this idea:
The end user security and companies that needs to deal with GDPR and ISO or PCI DSS

Why I think they would benefit from this idea:
This allow compliance, together with a policy to strengthen the password

Any code or resources to support this idea:
there are some commonly used libraries to enforce password strength