This tip applies to Linux in general, but is of particular interest in the case of vCSA as many distributions don't enable password expiration by default whereas the SuSE-based vCSA does.
Locally created user passwords on the vCenter Server Appliance version 22.214.171.124 expire after 90 days.
The expiration policy for newly created users is defined by the following lines the /etc/login.defs  file:
Switch these values to 99999, 0 and 7 respectively to disable password expiration.
Resetting Existing Users
Expiration for existing accounts can be checked / set / disabled with chage  which acts on /etc/shadow :
chage -l <username>
chage -I -1 -m 0 -M 99999 -E -1 <username>
0: man login.defs
1: [man chage]((http://man7.org/linux/man-pages/man1/chage.1.html)
2: man shadow