Personal access tokens can be specified to have a max lifetime. However, the user interface will allow users to pick a date too far in the future.
When the lifetime can be limited, the daterange picker should not allow users to select an invalid choice in the future.