To configure password policy, you need to go to Configuration/Administration/Configuration/Basic configuration/Other functionalities/Parameters HCM Deck/Password policy. There you can define:
- minimum lenght of user password,
- minimum number of groups of characters in the password,
- if the password can begin and end with a digit,
- number of passwords stored in history,
- password validity period,
- number of days after which the user can change the password again.
When you define all these parameters, just click "Save" at the bottom (you have to scroll down to see the button!).