The users of a Linux Operating system computer, should always take care about security and if you are the admin of a Linux box with lots of users, you are responsible for the security of it, and maybe you should “force” the other users to change their passwords from time to time, to make this use the command chage Apply this to a user, lets say guillermo

sudo chage --list guillermo

something like this may appear.

$sudo chage --list guillermo
Last password change                                    : May 10, 2008
Password expires                                        : never
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 99999
Number of days of warning before password expires       : 7

Now lets change change its expiry password date.

sudo chage -M 30 guillermo

This will make its password to expire after 30 days of the last change date.

See now the new info:

$ sudo chage --list guillermo
Last password change                                    : May 10, 2008
Password expires                                        : Jun 09, 2008
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 30
Number of days of warning before password expires       : 7

Now when I try to login as guillermo, this is what I got:

$ su - guillermo
Password: 
You are required to change your password immediately (password aged)
Changing password for guillermo.
(current) UNIX password: 
Enter new UNIX password: 
Retype new UNIX password: 
Password unchanged
Enter new UNIX password: 
Retype new UNIX password: 

I tried to use the same password again the Linux refused to let me use it, so I was forced to pick a new password.

It is good to have the warn days to 3 or more days, so the user may have time to think a new good password, otherwise will use the first thing he/she may read around resulting in a weak password, which is worse that not changing the original one.

To set the warn days use this command.

sudo chage -W 4 guillermo

Now lets check the info for user guillermo

$ sudo chage --list guillermo
Last password change					: Oct 04, 2008
Password expires					: Nov 03, 2008
Password inactive					: never
Account expires						: never
Minimum number of days between password change		: 0
Maximum number of days between password change		: 30
Number of days of warning before password expires	: 4

Now you may see the new expiry date is Nov 3, 2008 and he will have a 4 days warning about the expiry of his password.