2.6 Ensure 'password_lifetime' is Less Than or Equal to '365'

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


Password expiration provides users with a unique time bounded password lifetime.


Allows additional security factors pertinent to a specific user to provide further password security; predetermined by varying security needs and usability requirements in a system or organization.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.


To configure the global password lifetime to 365 by executing the following command:

SET GLOBAL default_password_lifetime=365;

Alternatively, configure the password lifetime for each user returned by the audit procedure by executing the following command:

ALTER USER '<username>'@'<localhost>' PASSWORD EXPIRE INTERVAL 365 DAY;

Default Value:


See Also