Skip to content

User Management Task: Enforcing Password and Access Policies

Goal

Ensure local accounts follow password complexity, expiration, and locking policies.

Set Password Aging

chage -M 90 -m 7 -W 14 username

Set Global Defaults

Edit /etc/login.defs: 

PASS_MAX_DAYS   90
PASS_MIN_DAYS   7
PASS_WARN_AGE   14

Lock Account Temporarily

passwd -l username

Audit Password Status

passwd -S username

Tools

  • chage, /etc/login.defs, passwd, pam_pwquality