Password Expire Policy

hanicker · December 13, 2021, 10:16am

My idea is:
Add a password expire policy: eg. after a configurable amount of time (eg. 6 month) the user is forced to change password on login

I think these groups of people would benefit from this idea:
The end user security and companies that needs to deal with GDPR and ISO or PCI DSS

Why I think they would benefit from this idea:
This allow compliance, together with a policy to strengthen the password

Any code or resources to support this idea:
there are some commonly used libraries to enforce password strength

Topic		Replies	Views
Access token lifetime (in minutes) and Refresh token lifetime (in days) missing Product Support	6	804	February 2, 2020
How Can I Create a segment for contacts that last login date more than 90 days ago? Product Support	19	2720	June 23, 2021
Pop-up warning when you're about to be logged out Ideas and Feature Requests user-interface	0	282	March 24, 2022
16/05/2023 Model Proposal - Section 7, Amendements to this Governance Model Governance community , governance , discussion	1	195	June 23, 2023
OpenId connect Ideas and Feature Requests	1	490	October 17, 2019