Password policies are set by the IT department based on best practices for general cyber security. However, if you feel that your password has been compromised, it is recommended you change your password via password reset.