This will be done in JIRA:
Including:

• password change period in days (maximum unchanged password days)
• maximum invalid password attempts
• password history count (must be at least 1 to really force password change)
• password strength (password regex)

Instead of having to ask users to enter a regex for the password strength, we can provide the following fields and create the regex accordingly:

• minimum length
• min number of alpha
• min number of num
• min number of special characters