I have several passwords that I am forced to change much too often because the people in charge don't understand security very well. School, work, government sites/applications... they all do this.
The configuration to store their requirements is somewhat simple, there are only so many features (how often it expires, which patterns are allowed, disallowed, mandatory). It could be in an xml file, and Enpass could have a feature where it stored such a policy with feature.
The policy would explain to and allow Enpass to change the password without user intervention (no more nagging notifications "your password will expire in 11 days, do you wish to change it now"). It might even be the basis for a feature that, when large-scale password/database thefts occur, all Enpass users could have theirs automatically updated before the stolen passwords could be used.
Websites (the savvy ones anyway) might store their own password policy hidden in the markup itself, like so:
But until that caught on, Enpass users could craft their own. Other password manager software might actually make use of this (though, Enpass would be the first therefor proving itself the most innovative). Users could of course explicitly disable this feature if they did not wish to use it, just in case there's some early adopter website. Or, it could be used partially (since it would include the maximum allowable characters, Enpass could suggest that when registering a new password, or changing one manually).
This is a mockup of a password policy file, and might be missing a few things. It's larger than an actual working policy would be, because I list multiple options when only one would be chosen.