Linux Password policy – /etc/login.defs No change for existing users

To enable the password policy in on my CentOS 7, i edited the /etc/login.defs and make changes following values:

PASS_MAX_DAYS Maximum number of days a password may be used.
PASS_MIN_DAYS Minimum number of days allowed between password changes.
PASS_MIN_LEN Minimum acceptable password length.
PASS_WARN_AGE Number of days warning given before a password expires.

# vim /etc/login.defs
PASS_MAX_DAYS   90
PASS_MIN_DAYS   10
PASS_MIN_LEN    8
PASS_WARN_AGE   7

The above policy applies to all newly created users only and there NO change in the values of existing users.

Use chage command to change the password setting for existing user:

Set the PASS_MAX_DAYS parameter to 90 
# sudo chage --maxdays 90 <user>

Set the PASS_MIN_DAYS parameter 
# sudo chage --mindays 10 <user>

Set the PASS_WARN_AGE parameter 
# sudo chage --warndays 8 <user>

 

Leave a Reply

Your email address will not be published.