To specify how users' passwords are aged, edit the following settings in the
/etc/login.defs
file:
Setting |
Description |
---|---|
|
Maximum number of days for which a password can be used before it must be changed. The default value is 99,999 days. |
|
Minimum number of days that is allowed between password changes. The default value is 0 days. |
|
Number of days warning that is given before a password expires. The default value is 7 days. |
For more information, see the login.defs(5)
manual page.
To change how long a user's account can be inactive before it is locked, use the usermod command. For example, to set the inactivity period to 30 days:
# usermod -f 30 username
To change the default inactivity period for new user accounts, use the useradd command:
# useradd -D -f 30
A value of -1 specifies that user accounts are not locked due to inactivity.
For more information, see the useradd(8)
and
usermod(8)
manual pages.