We apologize for the instability of composr.app and appreciate your patience. We are working on the statistics addon and trying to find an optimal way to store and render data. Unfortunately, we have yet to find a solution that can handle the traffic (and therefore, tens of millions of statistical records) of composr.app. We're working hard on one.
#5697 - Add admin tool for mass invalidating member passwords
The point of this tool is to invalidate passwords in the event of a breach. So that criterium is not actually for password expiration but rather manually invalidating passwords which have not been changed in a long while (in the event of a breach) as they are more likely to exist in brute-force rainbow tables.
Composr already has password expiration as a separate config option.
Composr already has password expiration as a separate config option.