
Not sharing the policy and not being secure are two different things. And ideally yes, you should be able to share it without increasing any risk, though the real world tells us this is not the case. And not sharing this information is a more secure action than sharing it; even though there is no security through obscurity, there is certainly no security in telling people your credential storing policy on a public website.

It narrows down the interesting target(s) quite a bit for a malicious script kiddie or hacker.

And regarding not knowing the company, you and quite a few others here link quite a bit in your profile page, and leave a huge footprint on the internet with all sorts of information to use. So it's quite easy to make a profile of you, determine where you work, where you live, what you look like, and then knowing where your company stores the interesting bits... well, it's going to be a lot easier than going into something blind.

But what do I know, I'm not good at 'Hustling and exerting confidence.'

;)



You share the policy with every employee that has a very real likelihood of becoming disgruntled in the future at some point. So arguably (and historically accurate, if I were to take a guess) you are sharing your policy with the most dangerous actors already. If sharing your policy has any effect on your security at all then you aren't secure, and obviously you're sharing it with employees who are probably the highest risk of becoming malicious actors already, so don't pretend not sharing it here does anything of consequence.


I tend to trust people I work with slightly more than random people on the internet I don't know. (Almost tempted to explain how to avoid your 'issue', but then I'd be sharing what I warn against myself people should not share.)

There probably also is a sticker on your front door that says spare-key under the 2nd fake rock? Because any disgruntled visitor or family member you had might post that on Facebook anyway? Same principle applies, there is no benefit in having the public know this. Though when you did have a fight or disagreement with that visitor or family member, you have a chance to relocate the spare-key before that information is disclosed on their Facebook page.

So besides the negative effects I described, what good could come from posting your company's (not yours to decide to share anyway) policy regarding login credentials?

Also I'd advise checking your contract for what it says about sharing company policies and/or secrets with 3rd parties (this site, for example) before doing so. Because chances are somebody's boss considers the credential policy as something that should be kept in-house and not public, and made a point of this in his/her contract. No matter what you or I think about it, if they can argue you 'potentially hurt' the company, you are screwed.



