“chage” command is used for checking the user password related information. Such as, password expiry date and min & max days for password change etc.
“-l” option will list the user password information.
Example output of this command is given below,
Now, to change the settings of the password, remove “-l” option and type the same command.
It will ask to change each option step by step.
We can assign new values against the section. If we want to specify default values, then we can simply press enter. The same is highlighted in below output.
Let’s ask ourselves a question, that why in the first place we want to stop aging of a user password?
“It could be a non-human user account or application account for which, we don’t want the password to be expired.”
The command for this is #chage –l -1 –m 0 –M 99999 –E -1 <user_name>
According to organization security standards, we might want to force user to change their machine password for every certain period.
chage –M 20 user-name
as seen “-m” option for giving the max day’s limit for password change. Sample example is,
Forcing every user to change their password on a particular date.
Might want to disable someone account and their final date with organization or team is finalized.
chage –E “YYYY-MM-DD” user-name
Command example output,
This will be helpful in notifying the user about the password change beforehand.
chage –W 10 <user name>
Above property setup will inform or notify the user 10 days before the expiry date. And from that day onwards, everyday notification is sent till password is updated.
User should change the password in next login:
This will be helpful for the users to update their password to their desired string.
System admin reset the password to some random string. We have shared the same password to user and user can update it to his desired password.
First time account is created with help of automated tools and want to provide an option for user to change their password.
chage –d 0 user-name
Now, when john tries to login with his credentials, then he would be asked to change the password to new value.