“chage” command is used for checking the user password related information. Such as,
Password expiry date and min & max days for password change etc.
“-l” option will list the user password information.
Example output of this command is given below,
Now, to change the settings of the password, remove “-l” option and type the same command.
It will ask to change each option step by step.
We can assign new values against the section. If we want to specify default values, then we can simply press enter. The same is highlighted in below output.
Minimum Password Age : 2
Maximum Password Age :
Last Password Change (YYYY-MM-DD) [-1]:
Password Expiration Warning : 3
Password Inactive [-1]:
Account Expiration Date (YYYY-MM-DD) [-1]:
Let’s ask ourselves a question, that why in the first place we want to stop aging of a user password?
“It could be a non-human user account or application account for which, we don’t want the password to be expired.”
The command for this is #chage –l -1 –m 0 –M 99999 –E -1 <user_name>
[root@sys2 ~]# chage -I -1 -m 0 -M 99999 -E -1 john
[root@sys2 ~]# chage -l john
Last password change : Jan 26, 2016
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7
According to organization security standards, we might want to force user to change their machine password for every certain period.
chage –M 20 user-name
as seen “-m” option for giving the max day’s limit for password change. Sample example is,
Forcing every user to change their password on a particular date.
Might want to disable someone account and their final date with organization or team is finalized.
chage –E “YYYY-MM-DD” user-name
Command example output,
This will be helpful in notifying the user about the password change beforehand.
chage –W 10 <user name>
Above property setup will inform or notify the user 10 days before the expiry date. And from that day onwards, everyday notification is sent till password is updated.
User should change the password in next login:
This will be helpful for the users to update their password to their desired string.
System admin reset the password to some random string. We have shared the same password to user and user can update it to his desired password.
First time account is created with help of automated tools and want to provide an option for user to change their password.
chage –d 0 user-name
Now, when john tries to login with his credentials, then he would be asked to change the password to new value.
If you have answers for above questions then you are good. If din’t find one, then click on any question to redirect to the answer on the page.