Require Users to Periodically Change their Passwords
Auditors are suggesting that passwords be "forced" to change at least every 90 days for security reasons. Perhaps give a 14-day notice of expiration of current password.
Through our new Password Policy setting, you can configure the complexity and length of time before a password expires.
Currently, this functionality is behind a feature flag so please reach out to support or your client success manager and then can help you get it configured.