How to Make a User’s Password Expire

/ Linux Commands

An expired password in Linux will force the user to change their password the next time they log in. In this tutorial, you will learn how to force a user’s password to expire, set an expiration date on for a user’s password, and check the expiration date.

Make User’s Password Expire

Example 1. The passwd command with the -e (expire) flag will make a user’s password expire instantly.

$ sudo passwd -e linuxnightly

Example 2. To see the password expiration date of a specific user, we can use the chage command and -l option:

$ sudo chage -l username

View password user information

Example 3. To change the password expiration date we can use the -E option:

$ sudo chage -E 2022-03-12 username

Setting up new expire date for the user's password

Example 4. The -M flag is for “maximum days” and allows us to specify how many days a password is valid for. After this period of time, the user will be prompted to change their password. This example sets a password to be valid for 10 days:

$ sudo chage -M 10 username

Example 5. The -m flag is for “minimum days” and allows us to specify how often a user can change their password. This example forces a user to wait at least 20 days before changing their password:

$ sudo chage -m 20 username

Example 6. If you want a user to be able to change their password at any time, as often as they’d like, set the minimum days to 0:

$ sudo chage -m 0 username

Example 7. To manually set the number of days since the password was last changed:

$ sudo chage -d YYYY-MM-DD username

Example 8. To designate when the user should receive a warning that their password will expire, use the -W option. Enter the number of days before expiration that the user should be warned. In this example, it’s 10 days:

$ sudo chage -W 10 username

Example 9. Alternatively, if you find it less complicated, you can modify the user’s password expiration date using interactive mode. This allows you to enter every value manually.

$ sudo chage username

Output showing the interactive mode using chage command

Make a User’s Password Never Expire

Example 10. If you want a user’s password to never expire, use this command:

$ sudo chage -I -1 -m 0 -M 99999 -E -1 username
  • -I -1 will remove an account’s inactivity
  • -m 0 allows the user to change their password as frequently as they want
  • -M 99999 makes their password valid indefinitely
  • -E -1 removes the account expiration date

Output showing how to set a password's date to never expire

Leave a Comment

Your email address will not be published. Required fields are marked *