.. _linux-accounts-password-3dcad436dce4: ============================= Linux Accounts Password Rules ============================= .. rubric:: Check Current Password Expiry Settings Before making any changes, you may want to check the current password expiry settings for the user. You can do this by running the :command:`chage -l ` command, replacing ```` with the name of the user whose password expiry settings you want to view. .. code-block:: none sudo chage -l .. rubric:: Change Password Expiry Settings To change the password expiry period of Linux accounts, run the :command:`chage` command, as below: .. code-block:: none [sysadmin@controller-0 ~(keystone_admin)]$ sudo chage -M -I - -M : Sets the maximum number of days a password is valid (90 days by default). - -I : Sets the number of days of inactivity after a password expires before the account is disabled (45 days by default). For example, to set a maximum password age of 60 days and configure the account to be permanently disabled 45 days after the password expires for the user ``sysadmin``, run the following command: .. code-block:: none [sysadmin@controller-0 ~(keystone_admin)]$ sudo chage -M 60 -I 45 sysadmin Verify Changes -------------- After making the changes, verify that the new password expiry settings have been applied by running the :command:`chage -l ` command again. .. code-block:: none chage -l For the example above of user ``sysadmin`` and expiry period of 60 days, the output of ``chage -l `` should be as follows: .. code-block:: none [sysadmin@controller-0 ~(keystone_admin)]$ chage -l sysadmin Last password change : Apr 09, 2025 Password expires : Jun 08, 2025 Password inactive : Jul 23, 2025 Account expires : never Minimum number of days between password change : 1 Maximum number of days between password change : 60 Number of days of warning before password expires : 7