# 5.3 Managing User Password Aging As you know from working or being on the internet, some services have passwords that expire. You can arrange this in Linux with the ```chage``` command. [![chage-1.png](../images/scaled-840-0/chage-1.png)](../images/chage-1.png) ### Using chage to change user password settings This will teach you how to use **chage** in the cli to set the password settings for the user Juliet. Apparantly, **Juliet** is dead and we need to lock her account. Either become root here or add sudo everywhere. ```bash usermod -L juliet ``` Now attempt to login as **Juliet**. Make sure you are logged in into your student account!! root can always log in everywhere! ```bash [greater@rhcsa ~]$ su - juliet Password: su: Authentication failure ``` It seems **Juliet** is still alive so we must unlock the account. ```bash usermod -U juliet ``` **Juliet** should now be able to login again. ```bash [greater@rhcsa ~]$ su - juliet Password: Last login: Tue Dec 18 12:42:05 UTC 2018 on pts/0 Last failed login: Tue Dec 18 12:42:38 UTC 2018 on pts/0 There were 1 failed login attempts since the last successful login. _____ _____ ______ _______ ______ _____ / ____|| __ \ | ____| /\ |__ __|| ____|| __ \ | | __ | |__) || |__ / \ | | | |__ | |__) | | | |_ || _ / | __| / /\ \ | | | __| | _ / | |__| || | \ \ | |____ / ____ \ | | | |____ | | \ \ \_____||_| \_\|______|/_/ \_\|_| |______||_| \_\ _________ |_________| Welcome to rhcsa You are logged in as: juliet ``` **Juliet** seems very fickle. Therefore, we want her to change her password every 90 days. ```bash chage -M 90 juliet ``` Check the result with the **chage** command. ```bash chage -l juliet ``` ```bash [greater@rhcsa ~]# sudo chage -l juliet Last password change : Dec 18, 2018 Password expires : Mar 18, 2019 Password inactive : never Account expires : never Minimum number of days between password change : 0 Maximum number of days between password change : 90 Number of days of warning before password expires : 7 ``` However, **Juliet** might be dead again already. To escape this annoying game, let's set her password that it needs to be changed at her next login. ```bash chage -d 0 juliet ``` And when you log in, set her new password to **greaterPass** ```bash [greater@rhcsa ~]$ su - juliet Password: You are required to change your password immediately (root enforced) Changing password for juliet. (current) UNIX password: New password: Retype new password: ``` Now let's have the account expire after 180 days. First we need to know when 180 days ahead is! ```bash date -d "+180 days" ``` The result of this command, for example, is: **Sun Jun 16 12:53:36 UTC 2019**. We need this date part of this result in the form [year-month-day] ```bash chage -E 2019-06-16 juliet ``` Check the result with chage. ```bash [greater@rhcsa ~]# chage -l juliet Last password change : Dec 18, 2018 Password expires : Mar 18, 2019 Password inactive : never Account expires : Jun 16, 2019 Minimum number of days between password change : 0 Maximum number of days between password change : 90 Number of days of warning before password expires : 7 ```