To set other password aging parameters, you use different "flags" (options) with the chage command.
Here are the most common parameters you can modify:
1. Set a Minimum Password Age (-m)
This prevents a user from changing their password too frequently (e.g., to stop them from cycling back to an old password immediately).
sudo chage -m 7 jokerEffect: Joker must wait at least 7 days before they can change their password again.
2. Set an Account Expiration Date (-E)
This is great for temporary employees or student accounts. After this date, the user cannot log in at all.
sudo chage -E 2025-12-31 jokerEffect: The account "joker" will be disabled automatically on December 31, 2025.
3. Set a Password Warning Period (-W)
This tells the user their password is about to expire when they log in.
sudo chage -W 14 jokerEffect: Joker will start seeing warning messages 14 days before their password expires.
4. Set Inactivity Period (-I)
This defines how many days the account stays "usable" after the password has officially expired.
sudo chage -I 5 jokerEffect: If Joker doesn't change their password within 5 days of expiration, the account is locked.
5. Force Password Change on Next Login (-d)
If you just gave a user a temporary password and want them to pick their own immediately upon logging in:
sudo chage -d 0 jokerEffect: The "last changed" date is set to 0 (the year 1970), so Linux considers the password expired immediately.
Summary Table
| Flag | Parameter | Description |
|---|---|---|
-m |
Min Days | Minimum days between changes |
-M |
Max Days | Maximum days a password is valid |
-W |
Warn Days | Days before expiration to warn user |
-E |
Expire Date | Date the account itself expires (YYYY-MM-DD) |
-I |
Inactive | Days after expiry before account locks |
-l |
List | Show all current settings for the user |
Pro Tip: You can combine them! For example:
sudo chage -m 5 -M 90 -W 7 joker sets the min age, max age, and warning all in one go.
