I think it was enabled without an option in the past - if your password was too short, you were required to do a password reset instead.
The policy was flipped because this was locking people out of their accounts (dead email accounts).
I think it was enabled without an option in the past - if your password was too short, you were required to do a password reset instead.
The policy was flipped because this was locking people out of their accounts (dead email accounts).