Changing maximum expiration days for user passwords