Blog
It is possible to specify a period upon entering which a password will be treated as one to expire soon - in this case, depending on configuration, new login requests will be either rejected with an error or warning to indicate that a user cannot log in because of the approaching password expiry.
For instance, a password expiry may be set to 180 days and the last 15 days may be considered approaching expiry, meaning users will be required to change it before logging in. If they don't, the password will expire.