Polls

Topics

FreeBSD: Password expiry / aging policy

Posted by Vivek on Monday March 6, 06 @5:54 pm

For security reason you must enable Password expiry policy on FreeBSD box. Linux comes with chage command, which changes the number of days between password changes and the date of the last password change.

FreeBSD pw command

Use pw command to setup password expiry date for existing user account. Syntax is as follows:
pw user mod USERNAME -p DD-MMM-YY

Where,

For example, expire user rocky’s password on 31-Mar-2006:
# pw user mod USERNAME -p 31-mar-06
Use pw command to setup password expiry while creating new user account.
pw user add USERNAME -p DATE -e DAYS:
Where,

For example create a user called didi and Set the default password expiration to 30 days.
# pw user add didi -p 30 -d /home/didi -m
# passwd didi

This is good if you have small number of users. For large installation base (such as University computers) you need to define user login class. With login class you can control the following :

Want to stay up to date with the latest Linux tips, news and announcements? Subscribe to our free e-mail newsletter or full RSS feed to get all updates. You can Email this page to a friend.

You may also be interested in...

Discussion on This Article:

  1. andrei manescu Says:

    I think you got it wrong:
    * -p DAYS: Set default account expiration period in days
    * -e DAYS: Set default password expiration period in days

    Man pw disagrees :)
    -p date Set the account’s password expiration date. This field is
    similar to the account expiration date option, except that
    it applies to forced password changes. This is set in the
    same manner as the -e option.

    -e date Set the account’s expiration date. Format of the date is
    either a UNIX time in decimal, or a date in `dd-mmm-yy[yy]‘
    format, where dd is the day, mmm is the month, either in
    numeric or alphabetic format (’Jan’, ‘Feb’, etc) and year

  2. vivek Says:

    andrei,

    Thanks for the heads up. The post has been updated.

Leave a Reply

We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Tags: , , , , , , , , ~ Last updated on: November 21, 2007

Copyright © 2004-2008 nixCraft. All rights reserved - TOS/Disclaimer - Privacy policy - Sitemap - Powered by Open source software.