Click Account > Contacts > Edit to define password settings for your account. On this screen, you can define an expiration limit for your users, set the user lockout option, and set two-factor authentication for all users. If you have more than one password policy (a policy that defines how "strong" your users' passwords must be), you can also choose which policy to use.

If available in your account, you can also use the selected password policy for your end users. Select Apply password policy to end users authenticating with the service (not available to Forcepoint Web Security Hybrid Module customers) to impose the same password requirements for any end users who are registered for the service and using manual authentication, including the minimum and maximum length and restrictions on using previous passwords. If you have also defined a Password expiration limit, you can select Remind end users when passwords should be changed to send an email reminder to end users when they need to change their passwords.

Click Update when you're finished making your selections.