This question is in reference to Atlassian Documentation: Managed accounts and domain claim verification
When you mention: "If you do not verify your domain, then your users will be given the default Atlassian password policy."
Does this mean that the minimum password strength will be weak? The passwords will expire? I can't find which are the default values for this policy.
You might find this ticket enlightening if you read the comments from the start, and many people have had similar questions: https://jira.atlassian.com/browse/ID-6213
To answer your question based on that and a support ticket I put in: it'll be a new strength validation system, and the default will be an 8 character password that never expires. However, I'm not certain this is set in stone yet, as many people seem to be unhappy with it.