Password Policy Expiration too weak - Never
Impact area
Security
Severity
Medium
Affected element
Profile
Org Config
Rule ID
SF-0175
Impact
Weak password expiration policies can open you up to brute force and dictionary attacks. Passwords with over 90 days expiration time are unsafe.
Remediation
Modify the password expiration time to ninety days or less.
Time to fix
30 min
References
This rule is linked to Common Weakness Enumeration CWE-521 Weak Password Requirements.