They don't currently provide ways to force password age rules for corporate google users. So corporate clients that want to use google apps are currently forced to use an IdP that does this for them. They have the tools to allow for it, we even give corporate customers a way to use Google Apps accounts and force 2-Factor auth and password aging without things like Active Directory. Also not providing the ability to change session information is, well, a little off putting for some. It's not that it's a war on the password it's just that they don't want their services to be something you actually have to log into (chromebook experience).