Apigee Edge provides the following safeguards for securing global user passwords.
Lockout after 5 failed attempts: After 5 failed login attempts, users are
locked out for 120 seconds before they can try logging in again.
Password expiration: There is no password expiration for non-PCI (Payment
Card Industry) organizations. This is also the default in an Apigee Edge for Private Cloud
installation. For PCI-enabled organizations, passwords expire after 90 days. No advance
notifications are sent when passwords are close to expiring.
Password reset: Global users can use the "Forgot Password" functionality
on the Edge UI login page to reset their passwords.