Password Policy
On the Policies page, you can define the password policy for your organization.

Go to Configurations > Password Policy to change the following settings.
Minimum length: Minimum number of characters a password should contain.
Upper case length: Number of characters in upper case that must be in the password.
Lower case length: Number of characters in lower case that must be in the password.
Non-Alpha numeric length: Number of non-alphanumeric characters that must be in the password.
Numeric length: Number of numeric characters that must be in the password.
Max repeat characters: Number of characters allowed to be repeated in the password.
Password expires in (days): Number of days after which the user must reset their password.
Days before user is allowed password change: Number of days after which the user can change the password.
Select Update.