Passwords default to a 90 expiry period – this can be changed in “Web Services>Installation & Maintenance>Global Security Settings”, in the Basic Password Settings tab.
Setting the Expiry Days & Reminder Days fields both to 0 disables the expiry of passwords. (you may need to log in to the Self-Service Portal as an Administrator User, and Reload Web Settings)
Password Reset can be enabled/set up from the Password Reset tab. You may also need to go into Global Web Settings, and set the line “EnablePasswordReset” to true.
You can also modify the verification questions in this window, under the Password Reset tab.