Every PCI-DSS compliant user is required to have a password age of less than 90 days. Passwords expire at 85 days, and from day 85-90, you will be able to use your current password to set a new password.  

You will receive several e-mails as your password expiration date approaches reminding you to update your password.

If you don't update your password by the 90th day, your account will be locked out and you will have to follow the password reset procedure to have your account re-activated.