Password aging

Users can change their passwords as long as password aging criteria are satisfied.

Password aging requires users to change their password if the password has existed on the system for a defined time period. Password aging includes a minimum age and a maximum age time period. A password cannot be changed before the passage of this minimum age time period. The password must be changed after the maximum age time period.

Password aging parameters can be set in the /etc/security/user file. The following parameters are related to password aging:
maxage
Maximum number of weeks a password is valid
maxexpired
Maximum number of weeks after maxage that an expired password can be changed by a user
minage
Minimum number of weeks between password changes
minlen
Minimum length of a password

Other parameters can be set to specify the characters that are allowed in a password. See the passwd command for a complete list of password parameters.