3.1.10 /etc/security/user - maxexpired

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


Defines the number of weeks after maxage, that a password can be reset by the user.

In setting the maxexpired attribute, it limits the number of weeks after password expiry when it may be changed by the user.


In /etc/security/user, set the default user stanza maxexpired attribute to 2-

chsec -f /etc/security/user -s default -a maxexpired=2

This means that a user can only reset their password up to 2 weeks after it has expired. After this an administrative user would need to reset the password.

See Also