How do I force a user to change the password periodically?

I'm by far no network admin, but I know on the PC I use at work, we need to change our passwords every 30 or 45 days.

Is there something like that on Ubuntu that can prompt users to change their passwords every 30, 45 or whatever days I specify?


Solution 1:

Password Expiration

When creating user accounts, you should make it a policy to have a minimum and maximum password age forcing users to change their passwords when they expire.

To easily view the current status of a user account, use the following syntax:

sudo chage -l username

one@onezero:~$ sudo chage -l one
Last password change                    : Feb 15, 2012
Password expires                    : never
Password inactive                   : never
Account expires                     : never
Minimum number of days between password change      : 0
Maximum number of days between password change      : 99999
Number of days of warning before password expires   : 7

To set any of these values, simply use the following syntax, and follow the interactive prompts:

sudo chage username

The following is also an example of how you can manually change the explicit expiration date (-E) to 01/31/2012, minimum password age (-m) of 5 days, maximum password age (-M) of 90 days, inactivity period (-I) of 5 days after password expiration, and a warning time period (-W) of 14 days before password expiration.

sudo chage -E 01/31/2012 -m 5 -M 90 -I 30 -W 14 username

To verify changes, use the same syntax as mentioned previously:

sudo chage -l username

For More Help

Solution 2:

I think you want to use the command passwd --maxdays, from the man pages:

passwd - change user password

-x, --maxdays MAX_DAYS
    Set the maximum number of days a password remains valid. After MAX_DAYS,
    the password is required to be changed.

The paramater --warndays might also be of interest. There is a related question at serverfault.