I'm using _user table to manage user accounts in the system but I'm using application-level password policy to manage user's passwords. I need to implement a password policy in the database. scenarios as follows.
- for password complexity.
- password renewal timeframes.
- password history (cannot use the same password as the previous “n” passwords).
- account lockout after “n” failed login attempts.
- one-time use passwords. Etc