What is a common security policy for service accounts?

Service accounts are generally not permitted to use interactive logins, and as such, disallowing interactive logins is a standard security policy for them. On the other hand, employee accounts are more likely to have limited login hours or locations to prevent them from accessing resources outside of work hours or from non-work locations. Requiring frequent password changes for service accounts may actually result in service disruptions, and many service accounts have complex passwords and longer expiration periods, or are set to never expire.