Password Expiration Policy

You can enforce a password expiration period for users across the domain in the [Advanced > Preferences > Password Expiration] menu.
When the policy is enabled, users must reset their password once the configured period has passed.

⚠️
This policy applies only to local account users.
Users who sign in through external authentication such as Keycloak or Google are not affected.

Configure the Password Expiration Policy

Open [Password Expiration]

Go to [Advanced > Preferences] and select the [Password Expiration] tab.

Enable the Policy and Set the Expiration Period

Turn on [Enable Password Expiration] and enter the expiration period in days.

ItemValue
Default90 days
Minimum1 day

ℹ️
The [Expiration Period] field stays disabled until the toggle is turned on.
Changes are applied only after you click [Save Change]. Switching the toggle alone does not save the policy.

Check Password Expiration by User

Once the policy is enabled, a [Password Expiration] column appears on the [IAM > User] page.

DisplayMeaning
D-nThe password expires in n days
+n (red)The password expired n days ago
-External authentication users, or users who have never changed their password

ℹ️
The column is hidden while the password expiration policy is disabled.

What Users Experience

Expiration Warning

When 10 days or fewer remain before expiration, a [Change your password] notice appears after login.
Select [Change Now] to move to [My Page > Account & Profile] and change the password there, or [Later] to postpone.

After the Password Expires

Once the password has expired, the user is redirected to the password reset page right after login and must reset the password before using the service.

⚠️
Previously used passwords cannot be reused. When resetting, the user must enter a password that has never been used on the account before.