Linux: HowTo Check User Password Expiration Date and Time

Posted on in Categories last updated May 5, 2012

/etc/shadow files stores actual password in encrypted format for user’s account. How do I check users password expiry information under Linux operating systems?

You need to use the chage command. It can display password expiry information as well as changes the number of days between password changes and the date of the last password change. This information is used by the system to determine when a user must change his/her password.

View account again information:

To see account aging information such as expiry date and time, enter:

chage -l userNameHere

To see account aging info for vivek, enter:
$ chage -l vivek
Sample outputs:

Last password change					: Jan 10, 2012
Password expires					: never
Password inactive					: never
Account expires						: never
Minimum number of days between password change		: 0
Maximum number of days between password change		: 99999
Number of days of warning before password expires	: 7

Another example:
$ chage -l raj
Sample outputs:

Last password change					: May 21, 2012
Password expires					: Jun 20, 2012
Password inactive					: never
Account expires						: Jan 01, 2013
Minimum number of days between password change		: 7
Maximum number of days between password change		: 30
Number of days of warning before password expires	: 7

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

8 comment

  1. Is it possible to get the time in addition to the date. On AIX, the password expiration warning includes the date and time. My password will expire tomorrow. It would be helpful to know what time it will expire so that I can determine how much time I’ll have tomorrow before it expires? If it’s going to expire early in the day, I may want to change it today. If it expires late in the day I may wait until tomorrow morning.

    Thanks.

    Jerry

  2. I have the same question as Jerry. Is it possible to know the last password change time in Linux?

  3. for account in $(cut -f1 -d: /etc/passwd); do echo "ACCOUNT: $account , EXPIRES: `chage -l $account | grep 'Account expires' | awk '{print $4, $5, $6}'`, CHANGED: `chage -l $account | grep 'Last password change' | awk '{print $5, $6, $7}'`"; done
    
  4. How do we check the same info when the linux server is connected to Active Directory and there is no value in /etc/passwd?

Comments are closed.