Administering user accounts

Controlling password expiration

In the Account Manager, select a user name, then select Users Expiration.

System defaults are used unless you use the default toggle buttons to unstipple the text fields:

Date login will expire: A specific date after which the account will be unusable. This allows you to create temporary accounts. Never prevents expiration.
Days inactive before locking: Number of days until an expired password causes account to be locked.
Days required between changes: How long users must wait before they can change their password again. This prevents users from changing their passwords when they expire and then immediately changing them back to the previous one.
Days before password expires: How long a password is valid. When the password expires, the user is prompted to set a new password when they log in. A value of -1 disables password expiration (not recommended).
Days until account is warned: When the user begins receiving warnings that their password will expire.

You can also alter these settings for user login_name on the command-line with the passwd(1) command:

passwd -n min -x max login_name
passwd -w warn login_name

where:

min: the minimum number of days between changes
max: the maximum days before the password expires
warn: how long before expiration to warn the user