Linux: How to Check (and change) User Password Expiration

If you currently utilize password expiration that’s built in to Linux, you may have an account that’s locked out or about to be locked out. How would you check to see if a given user account is locked out?

To do this, use the chage command. This command can display information about when the password will expire as well as change the expiry time.

Checking the Expiry Information

To check the expiry information, use the chage command like this:

# chage -l username
Last password change : Aug 31, 2017
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7

The output of chage shows us the last password change, when the password will expire and more.

Changing the Expiry Time

If you would like to set the expiry time of a given users password to “never”, use the following command:

# chage -M -1 username

To set a specific maximum days before the password is required to be changed, use the following command:

# chage -M 90 username

For more information about configuring password aging for all users, see How to Enable Password Aging in Linux.

Leave a Reply

Your email address will not be published / Required fields are marked *