For the security of a user, Joget can be configured with the validity of the password
Passwords can be set to expire after a period of time. This allows administrators to expire account passwords and require users to reset their password
To expire an account password
Go to System Settings>Directory Manager Settings>Configure Plugin(Security Enhanced Directory Manager)>Default Directory Password Policy
The default setting causes a password to expire in 6 months after which a user has to reset a password. This can be changed by admin. See the highlighted setting below