Controlling password expiration
In the
Account Manager,
select a user name, then select
Password Restrictions from the Users menu,
then select Expiration.
System defaults are used unless you use the default toggle buttons
to unstipple the text fields:
Days allowed between changes-
sets how long users must wait before they can change their password again.
This prevents users from changing their passwords when they expire
and then immediately changing them back to the previous one.
Days until password expires-
sets how long a password is valid. When the password expires, the user
is prompted to set a new password when they log in.
Days until account is locked-
sets the interval between the time when the password expires and the account is
automatically locked (preventing the user from logging in).
Also known as the ``password lifetime''.
To change the system default values, use these commands:
usermod -D -x "{passwdMinChangeTime value}"
usermod -D -x "{passwdExpirationTime value}"
usermod -D -x "{passwdLifeTime value}"
You can change the value for an individual user with the
usermod(ADM)
command by omiting the -D option
and appending the user name to the above commands.
NOTE:
The Low and Traditional security profiles use password restrictions that are
very lenient: passwords do not expire, accounts are not locked,
and there is no minimum interval between password changes.
The default account initialization files (.cshrc, .profile,
.kshrc, and so forth) automatically execute the
prwarn(C)
utility at login time to warn users about impending password expiration.
See also:
Next topic:
Controlling password selection
Previous topic:
Setting or changing a user password
© 2007 The SCO Group, Inc. All rights reserved.
SCO OpenServer Release 6.0.0 -- 05 June 2007