<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
No Password Age Set for User's Password Policy but Password Still Expires
Jul 29, 2025
Administration
Okta Classic Engine
Okta Identity Engine
Overview

A user has been assigned to a password policy without a password age set, but the user's password still expires. 

Applies To
  • Okta Password policy
  • Okta Classic Engine
Cause

The Password policy depends on the rule created within it. If a user does not fall into the selected zone, the policy will not be applied, and the user will be evaluated against the following policy. As a result, the password may expire when the following policy is applied to the user.

Solution

The rule under the password policy that applies to the user can be edited as such:

  1. In the Okta Admin Console, navigate to Security > Authentication.
  2. Click Actions > Edit next to the Password factor.
  3. In the left pane, click the password policy that is being applied to the user.
  4. At the bottom of the page, edit the rule and change the User's IP setting to Anywhere, or select all the zones the user will be logging from (reference snapshot below): 

edit rule

Recommended content

Still looking for help?
Loading
No Password Age Set for User's Password Policy but Password Still Expires