Expiring password notification

[Rod Widdowson]

> our wise
> board of regents has decided that we will soon be arbitrarily expiring
> passwords every 6 months.

I'm sure it won't help you, but from NIST (who might know what they are talking about)

"Digital Identity Guidelines", published June 2017
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63b.pdf

> Do not require that memorized secrets be changed arbitrarily 
> (e.g., periodically) unless there is a user request or evidence of
>  authenticator compromise. 

And yes I'm cherry picking...

R