🤩 New Cool Developer Tools for you. Explore →
FREE JavaScript Video Series Start Learning →
FLAT 75% OFF All Interactive courses at flat ₹250 / $3.25 only. HURRRRRY!! Explore now
  Signup/Sign In
Tests
MCQs to test your knowledge.
Forum
Engage with the community.
Compilers
Compilers to execute code in browser.
Index
PUBLISHED ON: FEBRUARY 15, 2023

Change days between password change with chage command in Linux

The chage command changes the number of days between password changes and the date of the last password change. This information is used by the system to determine when a user must change their password.

The chage command is installed with the passwd package, which can be install using the default package manager (apt, yum, pacman, dnf, etc.). The chage program requires a shadow (/etc/shadow) password file to be available which stores secure user account information. It's behavior can changed by editing the /etc/login.defs configuration file.

OPTIONS

Syntax: chage [options] LOGIN

-d, --lastday LAST_DAY Set the number of days since the last time the password was updated, which was on January 1st, 1970. The date could alternatively be written in the following format: YYYY-MM-DD or any other.
-E, --expireda te EXPIRE_DATE The user's account will expire on the date you specify, or after the specified number of days starting on January 1, 1970. The date could alternatively be written in the following format: YYYY-MM-DD.
The account expiration date can be removed by passing -1 as the EXPIRE DATE parameter.
-i, --iso8601 When printing dates, use YYYY-MM-DD format.
-I, --inactive INACTIVE Determine how long an account must go without activity once a password has expired before it is locked. The number of days of inactivity is indicated by the INACTIVE option.
The account's inactivity can be removed by passing -1 as the INACTIVE parameter.
-l, --list Show account aging information. (expiry, change, days, etc.)
-m, --mindays MIN_DAYS MIN DAYS should be set as the minimum number of days between password updates. The user may modify their password at any moment if this field has a value of zero.
-M, --maxdays MAX_DAYS Set the maximum amount of time a password will last. The user will be unable to access their account until they update their password if MAX DAYS plus LAST DAY is less than the present day. The -W (warn days) option gives the user a heads-up so they can prepare for this event in advance and receive a warning.
Passing -1 as MAX DAYS will disable verifying the suffix of a password.
-R, --root CHROOT_DIR Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory.
-W, --warndays WARN_DAYS Decide how many days of notice are given before a password change is necessary. The number of days before the password expires that a user will be alerted that their password is about to expire is specified by the WARN_DAYS option.
-h, --help Display help message and exit.

Linux terminal running chage command. (shows help menu)

If none of the options are selected, chage operates in an interactive fashion, prompting the user with the current values for all of the fields. Enter the new value to change the field, or leave the line blank to use the current value. The current value is displayed between a pair of [ ] marks.

It is restricted to the root user, except for the -l option, which may be used by an unprivileged user to determine when their password or account is due to expire.

Exit codes for chage command:

0 success
1 can't find the shadow password file (/etc/shadow)
2 permission denied (Try again with root permissions.)
15 invalid command syntax

Example use cases of chage command

List password information for the user:

Here, we have used chage command to list password expiry information for the specified user name: "user"

$ chage --list username

Linux terminal running chage command to list password expiry information for the specified user

Enable password expiration in 10 days:

We can set a maximum number of days between password change with -M or --maxdays flag to the chage command as follows:

$ sudo chage --maxdays 10 username

Disable password expiration:

To disable password expiration, we can specify a negative value (-1) to maxdays parameter (--maxdays) with chage command in Linux:

$ sudo chage --maxdays -1 username

Set account expiration date:

Set an account expiration date with chage command using the --expirydate flag as follows:

$ sudo chage --expiredate YYYY-MM-DD username

Force user to change password on next log in:

To expire a password immediately and set new with chage command in Linxu terminal, we can use --lastday flag as follows:

$ sudo chage --lastday 0 username

Expire a password immediately and set new with chage command in Linxu terminal

Want to learn coding?
Try our new interactive courses.
View All →
Over 20,000+ students enrolled.
About the author:
sam5epi0l
Pradeep has expertise in Linux, Go, Nginx, Apache, CyberSecurity, AppSec and various other technical areas. He has contributed to numerous publications and websites, providing his readers with insightful and informative content.
Learn to Code
Learn and practice coding side-by-side.
NEW
C language Course
115+ coding exercises
Javascript Course
85+ coding exercises
More →