Apigee Edge provides the following safeguards for securing global user passwords.
Lockout after 5 failed attempts: After 5 failed login attempts, users are
locked out for 120 seconds before they can try logging in again.
Password expiration: There is no password expiration for Apigee Edge Cloud
and Private Cloud organizations.
For PCI-enabled organizations, you should use SAML to meet your individual password requirements.
See Enabling SAML
Authentication for Edge.
Password reset: Global users can use the "Forgot Password" functionality
on the Edge UI login page to reset their passwords.