Administrators can define a client password policy for native or hybrid device application logins in a new or existing application. A password policy ensures that user-defined passwords conform to corporate security requirements.
A policy cannot be enforced unless developers add enforcement code to the data vault for an application.