User Configuration: Security Guidelines - Setting the maximum Password Age
If you want to avoid users from being unable to log on when the allowed password age changes, you can select the following settings here:
The setting to Classify all passwords as new makes the number of days you define for the allowed password age apply immediately for all existing passwords.
The second setting lets you specify in how many days existing passwords will no longer be valid.
The setting of Do not modify expiration dates, passwords might expire immediately is oriented towards the actual age of existing passwords that will
immediately lose their validity if you have reduced the allowed password age or have set it for the first time.
Please note that some users may no longer be able to log on to the portal if you do not choose appropriate settings for them.