Hi @Force Strong · Thank you for reaching out.
As the devices are not domain joined, password policies defined in Group Policies won't apply. You need to configure password expiration policy in Azure AD by using following cmdlet:
Set-MsolPasswordPolicy -ValidityPeriod 90 -NotificationDays 14
Keep in mind that the password expiration policy configured in Azure AD are not by default applied to the synced user accounts. To apply Azure AD Password Expiration Policy to the users synced from On-premises AD, use below cmdlet:
Set-MsolDirSyncFeature -Feature EnforceCloudPasswordPolicyForPasswordSyncedUsers
Read more: EnforceCloudPasswordPolicyForPasswordSyncedUsers
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.