Stop users sending known passwords in E-Mails

To filter out passwords in E-Mails you can setup an Office 365 transport rule to capture the passoword and either block the email being sent or redirect it to a manager.
To do this, login to https://portal.office.com/adminportal with a tenant Administrator account.
Open the Exchange Admin Center.

Under mail flow click rules.

Click the + button to add a new Transport Rule

1 – Enter a name for the new Transport Rule
2 – Select The subject or body includes

A box will appear asking for you to enter your keywords, enter each keyword separately and click the + button. If entering passwords it is recommended you enter only part passwords for example if a common password you use is Boats567! enter *ats567* where * denotes any additional character then click OK

Under Do the following select Redirect the message to and enter the desired recipient (manager)

Now any passwords in E-Mails will be redirected and not arrive at their intended recipient.