Apart from the built-in password policy feature, there is also a third-party app called Enterprise Password Policy for Jira, which provides features such as password age and user account locking to make your Jira compliant with ISO/IEC 27002. You can get the app at https://marketplace.atlassian.com/plugins/com.intenso.jira.plugins.password-policy.

After you have installed the app in Jira, there will be a new Password Policy section in Manage apps, under Administration. Click on the Configure option and then on Password Complexity, and you will be able to set your password policy, as shown in the following screenshot:

As you can see from the preceding screenshot, there are more options and controls for you to define your password policies compared to the out-of-the-box feature from Jira.