https://community.hpe.com/t5/operating-system-hp-ux/etc-default-security/m-p/4774011#M731900 Hi,<BR /><BR /><BR />The 'security' manpage reads the following:<BR /><BR />"This value, if specified, is used by the authentication subsystem during the password change process in the case where aging restrictions do not already exist for the given user."<BR /><BR />Source: <A href="http://nixdoc.net/man-pages/HP-UX/man4/security.4.html" target="_blank">http://nixdoc.net/man-pages/HP-UX/man4/security.4.html</A><BR /><BR />So to me it seems that password aging will only be applied after a user's password has been changed...<BR /><BR /><BR />Hope that helps...<BR /><BR />sangilak Tue, 05 Apr 2011 17:56:36 GMT sangilak 2011-04-05T17:56:36Z https://community.hpe.com/t5/operating-system-hp-ux/etc-default-security/m-p/4774010#M731899 Hi,<BR /><BR />With a NON-trusted system, we want to setup password aging. We will edit the /etc/default/security file. What my question is, will this affect current users or just new users created? Like if we have a bunch of users with no expiry and we add an expiry of 90 days to /etc/default/security, will those users all expire at their next login?<BR /><BR />Thanks,<BR />Sally Tue, 05 Apr 2011 15:22:55 GMT https://community.hpe.com/t5/operating-system-hp-ux/etc-default-security/m-p/4774010#M731899 dev44 2011-04-05T15:22:55Z https://community.hpe.com/t5/operating-system-hp-ux/etc-default-security/m-p/4774011#M731900 Hi,<BR /><BR /><BR />The 'security' manpage reads the following:<BR /><BR />"This value, if specified, is used by the authentication subsystem during the password change process in the case where aging restrictions do not already exist for the given user."<BR /><BR />Source: <A href="http://nixdoc.net/man-pages/HP-UX/man4/security.4.html" target="_blank">http://nixdoc.net/man-pages/HP-UX/man4/security.4.html</A><BR /><BR />So to me it seems that password aging will only be applied after a user's password has been changed...<BR /><BR /><BR />Hope that helps...<BR /><BR />sangilak Tue, 05 Apr 2011 17:56:36 GMT https://community.hpe.com/t5/operating-system-hp-ux/etc-default-security/m-p/4774011#M731900 sangilak 2011-04-05T17:56:36Z https://community.hpe.com/t5/operating-system-hp-ux/etc-default-security/m-p/4774012#M731901 Hi, <BR /><BR /> If you wish to enable password aging for existing users , you can edit /etc/shadow<BR />e.g entry should look like below<BR /><BR />casqa:gy76vCMHvwHLk:14623:7:91:7:::<BR /><BR />where <BR />7 ---&gt; min days before a user can change password<BR />91 ---&gt; max days <BR />7 ---&gt; warn days <BR /><BR />Then confirm it by running<BR />' passwd -sa '<BR /><BR />The output should look somthing like <BR /><BR />casqa PS 01/14/10 7 91 7<BR /> Fri, 15 Apr 2011 14:03:17 GMT https://community.hpe.com/t5/operating-system-hp-ux/etc-default-security/m-p/4774012#M731901 Pulse001 2011-04-15T14:03:17Z