What is the minimum number of days that must pass before the password can be changed?
chage(1) - Linux man pageNamechage - change user password expiry information Show
Synopsischage [options] [LOGIN] DescriptionThe chage command changes the number of days between password changes and the date of the last password change. This information is used by the system to determine when a user must change his/her password. OptionsThe options which apply to the chage command are: -d, --lastday LAST_DAY Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area). -E, --expiredate EXPIRE_DATESet the date or number of days since January 1, 1970 on which the user's account will no longer be accessible. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area). A user whose account is locked must contact the system administrator before being able to use the system again.Passing the number -1 as the EXPIRE_DATE will remove an account expiration date. -h, --help Display help message and exit. -I, --inactive INACTIVESet the number of days of inactivity after a password has expired before the account is locked. The INACTIVE option is the number of days of inactivity. A user whose account is locked must contact the system administrator before being able to use the system again.Passing the number -1 as the INACTIVE will remove an account's inactivity. -l, --list Show account aging information. -m, --mindays MIN_DAYSSet the minimum number of days between password changes to MIN_DAYS. A value of zero for this field indicates that the user may change his/her password at any time. -M, --maxdays MAX_DAYSSet the maximum number of days during which a password is valid. When MAX_DAYS plus LAST_DAY is less than the current day, the user will be required to change his/her password before being able to use his/her account. This occurrence can be planned for in advance by use of the -W option, which provides the user with advance warning.Passing the number -1 as MAX_DAYS will remove checking a password's validity. -W, --warndays WARN_DAYS Set the number of days of warning before a password change is required. The WARN_DAYS option is the number of days prior to the password expiring that a user will be warned his/her password is about to expire. If none of the options are selected, chage operates in an interactive fashion, prompting the user with the current values for all of the fields. Enter the new value to change the field, or leave the line blank to use the current value. The current value is displayed between a pair of [ ] marks.NoteThe chage program requires a shadow password file to be available. The chage command is restricted to the root user, except for the -l option, which may be used by an unprivileged user to determine when his/her password or account is due to expire. Files/etc/passwd User account information. /etc/shadow Secure user account information.Exit ValuesThe chage command exits with the following values: 0 success 1permission denied 2invalid command syntax 15can't find the shadow password fileSee Alsopasswd(5), shadow(5). Guidelines for Password ManagementPurposeThe purpose of this Guideline is to educate Carnegie Mellon University (“University”) students, faculty and staff on the characteristics of a Strong Password as well as to provide recommendations on how to securely maintain and manage passwords. Applies ToThis Guideline applies to all students, faculty and staff that have a username and password to at least one University system or application, independent of whether you are an end user or a system administrator for that system or application. DefinitionsA Strong Password is defined as a password that is reasonably difficult to guess in a short period of time either through human guessing or the use of specialized software. GuidelinesThe following are general recommendations for creating a Strong Password: A Strong Password should -
Strong Passwords do not -
The following are several recommendations for maintaining a Strong Password:
The following are Guidelines for individuals responsible for provisioning and support of user accounts:
The following are several additional Guidelines for individuals responsible for the design and implementation of systems and applications:
The following are additional Guidelines for system or service accounts - those not designed to be used by humans:
Additional InformationIf you have any questions or comments related to this Guideline, please send email to the University Information Security Office at . Additional information can also be found using the following resources:
Revision History
What is the minimum number of days that must pass before the password can be changed Linux?6 – number of days before a required change that warnings will be provided. 7 – number of days after password expires before it is locked (made inactive)
How many days can a password be used before it must be changed?Most tech professionals recommend your password changes every thirty, sixty, or ninety days; depending on what the password is used for, how often the account is accessed, and how strong the password is to begin with.
What is the minimum length of a password?Best practices. Set minimum password length to at least a value of 8. If the number of characters is set to 0, no password is required. In most environments, an eight-character password is recommended because it's long enough to provide adequate security and still short enough for users to easily remember.
Should passwords be reset every 90 days?Many companies require their employees to change their password every 90 days. It's an inconvenient policy which leads people to ask: Is it really necessary? The short answer is no. Frequent password changes may have been a good idea in years gone by, but they're not necessary today.
|