Welcome to the Atlassian Community!
Most of that is up to the identity provider, not Jira, as Jira does not actually handle any of the accounts or authentication any more.
Jira relies on Atlassian accounts, Google accounts, or Atlassian Access to identify and authenticate users.
If you are using Atlassian Access, see https://support.atlassian.com/security-and-access-policies/docs/manage-your-password-policy/
Atlassian accounts and Google accounts can only enforce password policies set if you own the domain the account is in (for example, I use two Atlassian accounts - my personal one, which I own and hence get to choose my password policies, and my Adaptavist one, which is tied to my Google account too, where Adaptavist get to enforce rules on it)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.