I used to work on a federated application (multiple databases) which, in the past, stored user credentials and attributes in _User in each of the databases, as well as in an application table.
It had all of the authentication rules you described, implemented at the application level. Password changes would be written simultaneously to the application table and to each _User. Similarly, user authentication at logon happened in the application and in each database.
I need to implement a password policy in the database.
The OpenEdge RDBMS has no such functionality. None. But you don't need it to in order to accomplish what you've described.
Note that I said the application I worked on had this design in the past. It is an outdated design. The _User password hashing is old and not fit for purpose today. It uses the old, proprietary
encode
function.
In the long term, you should look at externalizing authentication, either in an external third-party layer (e.g. AD/AAD/LDAP) or in
OpenEdge Authentication Gateway. The application I worked on went the latter route.
One last note: I assume when you say "11.73" you mean 11.7.3. The current update to OpenEdge release 11.7 is 11.7.18, which shipped in August 2023. 11.7.3 (service pack 3 of 11.7) shipped in May 2018. If you are on 11.7.3, you should update to 11.7.18; you are missing hundreds of bug fixes.
Also note that OpenEdge 11.7 will enter the Retired phase of its
life cycle in April 2025. The clock is ticking.