Having the ability to set some kind of password policy is great, there are a few more features that would be very helpful though.

• Configurable password expiration, simply a number of days before a password change is required.
  • Allow certain accounts to not expire.
• Configurable password history requirements. We can currently configure similarity checks against the previous password, it would be helpful to configure similarity checks against the previous x number of passwords.