I just found out about this mandatory password reset policy. It is a terrible idea for customers that have automated uploads or downloads using the API because the password used by the API needs to be syncronized with a periodic manual reset. That is a major hassle. Also, this new policy wasn't communicated to customers, which resulted in well-established processes breaking. I strongly urge you to prove an opt-out of this policy for certain accounts, otherwise your API basically becomes useless and I have to migrate to a different service that caters to API users.