Force Password Age Out

To increase security, it is recommended that password for all accounts be changed frequently. This section describes how to force users, including admin users, to change their passwords on expiry of a pre-configured time interval. This is a global configuration.

About this task

Perform the following steps to force change of password on expiry of a pre-configured time interval.

Procedure

  1. Open a session to access the device.
  2. Log in as admin.
  3. Access global configuration mode. 
    device# configure terminal
  4. Configure the setting to enforce changing of password after expiry of a set time period in days. This time duration is called Age Out duration. 
    device(config)# password-attributes max-password-age 90

    This example configures a password's maximum age as 90 days. Each user is forced to change the password every 90 days. This is a global configuration and is applicable to all users configured on the system.

9037309-01 Rev AA