Password-aging is a mechanism that you can use to force users to periodically change their passwords. Password-aging allows you to:
Specify a warning message to be displayed whenever a user logs in a specified number of days before the user's password time limit is reached.
Specify the maximum number of days that an account can be inactive. If that number of days pass without the user logging in to the account, the user's password is locked.
Keep in mind that users who are already logged in when the various maximums or dates are reached are not affected by the above features. They can continue to work as normal. Password-aging limitations and activities are activated only when a user logs in or performs one of the following operations:
These password-aging parameters are applied on a user-by-user basis; you can have different password-aging requirements for different users. You can also set general default password-aging parameters that apply to all users except those you have individually set.
When planning your NIS+ namespace, decide which password-aging features you want to implement, and the default values you want to specify. For additional information on password-aging, see the Password chapter of Solaris Naming Administration Guide.