The PASSWORD_LIFE_TIME setting determines how long a password may be used before the user is required to be change it. The suggested value for this is 90 days or less. Rationale: Allowing passwords to remain unchanged for long periods makes the success of brute-force login attacks more likely.
Solution
Remediate this setting by executing the following SQL statement for each PROFILE returned by the audit procedure. ALTER PROFILE <profile_name> LIMIT PASSWORD_LIFE_TIME 90;