Page 982 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide

something like 45 days. When the password expires, the user is informed that the password must be changed and the user does so. However, a service can't respond to such a message and instead is just locked out.

Because a service account has a high level of privileges, it is configured with a strong, complex password that is changed more often than regular users' passwords. Administrators need to manually change these passwords. The longer a password remains the same, the more likely it is to be compromised. Another option is to configure the account to be non-interactive, which prevents a user from logging on to the account using traditional logon methods.
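
The checks described above can be run as an audit over an account inventory. This is an added example, not from the book: the 30-day service account limit, the record fields, and the sample accounts are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date

# The page gives "something like 45 days" for regular users and says
# service account passwords are changed more often.
USER_MAX_AGE_DAYS = 45
SERVICE_MAX_AGE_DAYS = 30  # assumption, not a value from the page


@dataclass
class Account:
    name: str
    is_service: bool
    password_last_set: date
    interactive_logon: bool  # True if traditional logon methods are allowed


def audit(accounts, today):
    """Return {account name: [findings]} for accounts that break the policy."""
    findings = {}
    for acct in accounts:
        issues = []
        limit = SERVICE_MAX_AGE_DAYS if acct.is_service else USER_MAX_AGE_DAYS
        age = (today - acct.password_last_set).days
        if age > limit:
            # A service cannot answer an expiry prompt, so a stale password
            # means either a lockout or a long-lived credential.
            issues.append(f"password is {age} days old (limit {limit})")
        if acct.is_service and acct.interactive_logon:
            issues.append("interactive logon is allowed")
        if issues:
            findings[acct.name] = issues
    return findings


# Constructed sample inventory (not real accounts).
SAMPLE = [
    Account("alice", False, date(2024, 5, 1), True),
    Account("svc-backup", True, date(2024, 4, 20), False),
    Account("svc-web", True, date(2024, 5, 25), True),
    Account("svc-db", True, date(2024, 5, 20), False),
]

if __name__ == "__main__":
    for name, issues in audit(SAMPLE, date(2024, 6, 1)).items():
        print(f"{name}: {'; '.join(issues)}")
```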

Services can be configured to use certificate-based authentication. Certificates are issued to the device running the service and presented by the service when accessing resources. Web-based services often use application programming interface (API) methods to exchange information between systems. These API methods are different depending on the web-based service. As an example, Google and Facebook provide web-based services that web developers use, but their implementations are different.