Setup > Security System > Company Options Screen > Days to Force Employee Password Change

Enter a number between 15 and 9999 that defines the number of days between forced password changes for employees at your institution. 9999 means the password will never expire.

Password changes are forced after the specified length of time. This feature protects your institution from fraudulent use of a security code for any extended period. Should a security code be violated, the user could immediately assign themselves a new security code. If the violation goes undetected, the violated code is only usable until the Days to Force Employee Password Change days are reached.

If you change the value in this field, the change is applied to all new employees added after the change. To change the password expiration deadline for your current employees, use the Password Expiration field on the Security > Setup screen, Employee tab for each employee.