If you have enabled the default password policy implementation, then the parameter, bpmportal.ps.longevity in bpmportal.conf specifies the period (in days) for which the password is valid. The default value is 30.