This tutorial is going to take you through on how to setup user password expiry date on Linux. Linux allows you to modify the number of days between password changes, establish a manual expiration date, view account aging information, and many more for security reasons.
I will create user account for demonstration purpose using the following commands.
sudo useradd demouser
sudo passwd demouserReplace demo account with user account you want to apply the expiry in the examples given below.
Set user account to expire after X number of days
- We’ll set demo account to expire in 30 days. Using the command below, get the date 30 days from the current date
date -d "+30 days" +%FSample output;
2022-05-01- Set the account’s expiration date to the date returned by the command above
sudo chage -E 2022-05-01 demouser- Check that the account’s expiration date has been set using the following command
sudo chage -l demouserSample output
Last password change : Apr 01, 2022 Password expires : never Password inactive : never Account expires : May 01, 2022 Minimum number of days between password change : 0 Maximum number of days between password change : 99999 Number of days of warning before password expires : 7
Change the user’s password policy
- Make a password policy that will make the account to require a new password after a certain number of days. e.g. 60 days
sudo chage -M 60 demouser- Check to see if the password policy has been set
sudo chage -l demouserSample output
Last password change : Apr 01, 2022 Password expires : Mei 31, 2022 Password inactive : never Account expires : Mei 01, 2022 Minimum number of days between password change : 0 Maximum number of days between password change : 60 Number of days of warning before password expires : 7
Force a password change on the first login
- Run the command below to force password change on the first login
sudo chage -d 0 demouserYou’ll be prompted to update your password when you log in.
~$ ssh demouser@localhost demouser@localhost's password: You are required to change your password immediately (administrator enforced). You are required to change your password immediately (administrator enforced). Welcome to Ubuntu Jammy Jellyfish (development branch) (GNU/Linux 5.15.0-23-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage 1 update can be applied immediately. To see these additional updates run: apt list --upgradable Your Hardware Enablement Stack (HWE) is supported until April 2025. The programs included with the Ubuntu system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. The programs included with the Ubuntu system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. Last login: Fri Apr 1 17:59:17 2022 from 127.0.0.1 WARNING: Your password has expired. You must change your password now and login again! Changing password for demouser. Current password: New password: Retype new password: passwd: password updated successfully
Disable user account password expiry
- Use the following command to disable user password expiry
sudo chage -m 0 -M 99999 -I -1 -E -1 demouser- Confirm using the command below
sudo chage -l demoSample output
Last password change : Apr 01, 2022 Password expires : never Password inactive : never Account expires : never Minimum number of days between password change : 0 Maximum number of days between password change : 99999 Number of days of warning before password expires : 7
- It’s a wrap, Cheers! You have learned how to setup user password expiry date on Linux
Read more about change command on man pages
Other Tutorials
Install Bpytop System Monitor Tool on Ubuntu 22.04
