Hi! I now have a response from the University: 

"The University strives to make the ICT experience for all of our community a streamlined experience. As such, we offer a single sign in service which allows our community to access many services with a single user name and password.

We regularly review advice and guidance from a variety of sources including NCSC and at this time we are retaining our current cycle for password refresh. Please be assured that this is kept under review as cyber security and threats are an area which is constantly evolving and which the University takes very seriously."

I hope this helps!

Flora, Union President