From April 2020, HMRC will be changing its password rules in line with current Security best practice and guidance. The aim is to make it easier for users to set reasonably memorable passwords whilst maintaining integrity and security of data. The change will allow users who wish to do so, to use very strong passwords, whilst not making all users have passwords that they would end up writing down, thus reducing their overall security.
HMRC will not force users to change their password and therefore they can continue to use their current password until one of the above situation arises.