How to Set Password Expiry Rules Using chage

User Management

How to Set Password Expiry Rules Using chage

Hey there! 👋 Welcome to this tutorial where we explore how to set password expiry rules for users in Linux using a simple but powerful command — chage.

As a system administrator or even a curious Linux learner, it's important to ensure that users change their passwords regularly. That's where chage comes in handy!

🔧 What is chage?

The chage command lets you view and update the password aging information for a user. You can control things like how often a user must change their password, how long before it expires they get a warning, and more.

📦 Step 1: Check If chage Is Installed

Most Linux distros come with chage pre-installed. Just to be sure, run:

which chage
/usr/bin/chage

If it doesn't show a path, you may need to install the passwd or shadow-utils package depending on your distro.

👤 Step 2: View Current Expiry Settings for a User

Let’s say you want to check expiry details for a user named john:

sudo chage -l john
Last password change                                    : Jul 02, 2025
Password expires                                        : Sep 30, 2025
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 90
Number of days of warning before password expires       : 7

This output tells you when the password was last changed, when it will expire, and more.

✏️ Step 3: Set Password Expiry Rules

Now let’s set some rules for our user john.

Set the maximum number of days a password remains valid (e.g., 60 days):

sudo chage -M 60 john

Set the minimum number of days before a user can change password again (e.g., 1 day):

sudo chage -m 1 john

Set the number of days before password expiry to warn the user (e.g., 5 days):

sudo chage -W 5 john

Set account expiration date (e.g., disable account after Oct 31, 2025):

sudo chage -E 2025-10-31 john

You can combine multiple options in one command too:

sudo chage -M 60 -m 1 -W 5 -E 2025-10-31 john

✅ Step 4: Confirm the Changes

After setting the rules, verify them again:

sudo chage -l john

This helps confirm your new password aging policy has taken effect.

🔒 Why This Matters

Regularly expiring passwords is a critical step in securing user accounts — especially on multi-user or production Linux servers. With chage, you’re in full control of password policies!

And that's it! You're now ready to enforce password aging rules using chage. 💪

See you in the next lesson!


Comments

💬 Please keep your comment relevant and respectful. Avoid spamming, offensive language, or posting promotional/backlink content.
All comments are subject to moderation before being published.

Loading comments...

User Management

  1. 1How to Add a New User in Linux
  2. 2Modify Existing User in Linux
  3. 3Delete a User in Linux — Step-by-Step for Beginners
  4. 4Create a User Group in Linux - Step-by-Step Tutorial
  5. 5Linux: Add User to Group
  6. 6How to Remove a User from a Group in Linux
  7. 7Delete a User Group in Linux - Beginner Friendly Tutorial
  8. 8Linux su Command Tutorial – Switch Users Easily
  9. 9Linux sudo Command - Execute as Another User
  10. 10Change a User's Password in Linux Using passwd
  11. 11Set Password Expiry in Linux using chage
  12. 12Lock a User Account in Linux
  13. 13How to Unlock a User Account in Linux
  14. 14Configure User Login Shell in Linux
  15. 15How to Configure User Environment Variables in Linux
  16. 16Edit .bashrc and .profile in Linux - User Startup Files Tutorial