We have a 180 day password reset for all our users. This is the first we've done this as a response to our accounts being hacked last year. We've also enforced MFA.
I'm seeing some emails in quarantine (from noreply at birkenstock dot com) which are accurately, and quite convincingly, informing users that their password is expiring and asks if they want to keep or change their password.
How would it be possible for anyone to know that these passwords are in fact expiring and is there anything we can do to protect our users?