The settings associated with Password Policy determine whether (and how long) users can keep passwords, how many unique passwords a user must have before the oldest can be re-used, and how much warning they get before their password expires.
Display the password policies by clicking the PasswordPolicy icon in the navigation page. The individual policies appear in the right page.
Figure 16-32 Application Security Policy Page -- Password Policies
Edit a policy by clicking it; an editor appropriate to that policy appears in the lower portion of the page. This policy editor lets you manage the following:
• Password History
• Password Expiration Warning
• Password Expiration Age
• Allow Password Reuse
• Minimum Password Length
• Require a special character
• Require a number
• Require Mixed Case
• Allow UserId in Password
• Allow Reverse UserId in Password
• Allow Same Character Consecutively
• Require Password Match Regular Expression