Hope you are doing well. We are in process implementing the Strong Password for AD accounts and one of the change is to extend Max Password Age from 90 days to one year. This is based on the new guideline from NIST. NIST suggested to set the password to never expire to prevent Password Fatigue. Currently our AD and SAP have separate repository for user accounts but we will be starting SSO project soon. I am just wondering, with AD password expiration being extended in conjunction with SSO, will that cause any issue from compliance perspective? Anyone has done similar changes and had any experience to share with?