What's the good http status code to return on expired password?

Question

When a password is expired what rest api should return? I mean: username and password are correct, but expired.

Here I found that

The mechanis

Answer 1

http://getstatuscode.com/419

Not a part of the HTTP standard, 419 Authentication Timeout denotes that previously valid authentication has expired. It is used as an alternative to 401 Unauthorized in order to differentiate from otherwise authenticated clients being denied access to specific server resources.