The password policy contains configurable properties for password expiration, failed sign-on attempts, account lockout, and other aspects of password and account maintenance on the server. The server also provides a global configuration option and a per-user privilege feature that disables parts of the password policy evaluation for production environments that don't require a password policy.