Password aging
Users can change their passwords as long as password aging criteria are satisfied.
Password aging requires users to change their password if the password has existed on the system for a defined time period. Password aging includes a minimum age and a maximum age time period. A password cannot be changed before the passage of this minimum age time period. The password must be changed after the maximum age time period.
Password aging parameters can be set in the /etc/security/user file.
The following parameters are related to password aging:
- maxage
- Maximum number of weeks a password is valid
- maxexpired
- Maximum number of weeks after maxage that an expired password can be changed by a user
- minage
- Minimum number of weeks between password changes
- minlen
- Minimum length of a password
Other parameters can be set to specify the characters that are allowed in a password. See the passwd command for a complete list of password parameters.