Banks have internal requirements and you are reviewed on this. There is no requirement that you impose a similar requirement on your customers. Some banks do. Personally I prefer a requirement for a strong password up front and that it not be required to be changed at an interval.
_________________________
AndyZ CRCM
My opinions are not necessarily my employers.
R+R-R=R+R
Rules and Regs minus Relationships equals Resentment and Rebellion. John Maxwell