This tip applies to Linux in general, but is of particular interest in the case of vCSA as many distributions don't enable password expiration by default whereas the SuSE-based vCSA does.
Locally created user passwords on the vCenter Server Appliance version 22.214.171.124 expire after 90 days.
The expiration policy for newly created users is defined by the following lines the /etc/login.defs  file:
PASS_MAX_DAYS 90 PASS_MIN_DAYS 1 PASS_WARN_AGE 7
Switch these values to 99999, 0 and 7 respectively to disable password expiration.
PASS_MAX_DAYS 99999 PASS_MIN_DAYS 0 PASS_WARN_AGE 7
Resetting Existing Users
Expiration for existing accounts can be checked / set / disabled with chage  which acts on /etc/shadow :
chage -l <username>
chage -I -1 -m 0 -M 99999 -E -1 <username>
1: [man chage]((http://man7.org/linux/man-pages/man1/chage.1.html)
2: man shadow