https://community.hpe.com/t5/operating-system-hp-ux/forcing-password-aging-today-is-day-one/m-p/5092688#M738752 it's already trusted. I'm saying that if today I change the aging policy from the current setting of 56 days to 42 days will all users begin the 42 day count today? Thu, 14 Feb 2008 20:32:09 GMT RobertCarback 2008-02-14T20:32:09Z https://community.hpe.com/t5/operating-system-hp-ux/forcing-password-aging-today-is-day-one/m-p/5092686#M738750 HP-UX 11iv2 (IA64)<BR />How do I force all users to be on a 42 day pasword aging policy starting today? Thu, 14 Feb 2008 20:22:50 GMT https://community.hpe.com/t5/operating-system-hp-ux/forcing-password-aging-today-is-day-one/m-p/5092686#M738750 RobertCarback 2008-02-14T20:22:50Z https://community.hpe.com/t5/operating-system-hp-ux/forcing-password-aging-today-is-day-one/m-p/5092687#M738751 your system will have to be trusted<BR /><BR />sam<BR />Auditing ans security<BR />System Security Policies.<BR /><BR />Then you can set password aging. Thu, 14 Feb 2008 20:29:22 GMT https://community.hpe.com/t5/operating-system-hp-ux/forcing-password-aging-today-is-day-one/m-p/5092687#M738751 Paul Sperry 2008-02-14T20:29:22Z https://community.hpe.com/t5/operating-system-hp-ux/forcing-password-aging-today-is-day-one/m-p/5092688#M738752 it's already trusted. I'm saying that if today I change the aging policy from the current setting of 56 days to 42 days will all users begin the 42 day count today? Thu, 14 Feb 2008 20:32:09 GMT https://community.hpe.com/t5/operating-system-hp-ux/forcing-password-aging-today-is-day-one/m-p/5092688#M738752 RobertCarback 2008-02-14T20:32:09Z https://community.hpe.com/t5/operating-system-hp-ux/forcing-password-aging-today-is-day-one/m-p/5092689#M738753 The supported way would be to select "expire all users passwords" option.<BR /><BR />All users would have to change their pw after this.<BR /><BR /> Thu, 14 Feb 2008 21:02:17 GMT https://community.hpe.com/t5/operating-system-hp-ux/forcing-password-aging-today-is-day-one/m-p/5092689#M738753 Tim Nelson 2008-02-14T21:02:17Z https://community.hpe.com/t5/operating-system-hp-ux/forcing-password-aging-today-is-day-one/m-p/5092690#M738754 the 42 day age is the age since the last sucessful password change. So to answer you question. No they will not all expire in 42 days. You could use<BR /><BR />modprpw -E<BR /><BR /><BR />This option is specified WITHOUT a user name to expire all user's<BR /> passwords. It goes through the protected password database and<BR /> zeroes the successful change time of all users. The result is<BR /> all users will need to enter a new password at their next login.<BR /> Thu, 14 Feb 2008 21:09:03 GMT https://community.hpe.com/t5/operating-system-hp-ux/forcing-password-aging-today-is-day-one/m-p/5092690#M738754 Paul Sperry 2008-02-14T21:09:03Z https://community.hpe.com/t5/operating-system-hp-ux/forcing-password-aging-today-is-day-one/m-p/5092691#M738755 thanks all Thu, 14 Feb 2008 21:16:18 GMT https://community.hpe.com/t5/operating-system-hp-ux/forcing-password-aging-today-is-day-one/m-p/5092691#M738755 RobertCarback 2008-02-14T21:16:18Z