Intellectually, I understand the motivation (although I doubt the regulatory excuse applies outside the context of student and medical records), but I don't like this one bit:
Dear CaneID user,
Effective immediately, the University of Miami will be enforcing a password
reset policy requiring all CaneID account passwords to be reset every 180
days. The purpose of the policy is to safeguard the confidentiality and
integrity of University data and resources, address regulatory compliance
requirements and adhere to industry best practices.
I predict more passwords stuck to post-its on computer monitors as a result.