chage

List password information for user

$ chage -l username

$ sudo chage -M 10 username

$ sudo chage -M -1 username

$ sudo chage -E 2025-12-31 username

$ sudo chage -d 0 username

$ sudo chage -E -1 username

chage [options] LOGIN

chage changes user password expiry information stored in /etc/shadow. It controls the number of days between required password changes, the date of the last password change, and account expiration dates.
System administrators use chage to enforce password policies, such as requiring users to change passwords at regular intervals, setting grace periods after expiration, and disabling accounts on a specific date. The -l option allows any user to view their own aging information without root privileges.
Setting the last password change date to 0 with -d forces an immediate password change on the user's next login, which is commonly used when creating new accounts or after a security incident.

-d, --lastday LAST_DAY

Set the date of last password change (YYYY-MM-DD or days since epoch)

Set account expiration date; use -1 to remove expiration

Output dates in ISO 8601 format

Days of inactivity after password expiration before account lockout

Display account aging information

Minimum days between password changes

Maximum days before password change required

Days before expiration to warn user

/etc/shadow

Password aging data for each user account.

System-wide defaults for password aging policies.

Root privileges are required except when using -l to list your own information. Setting -d 0 forces an immediate password change on next login.

chage is part of the shadow-utils package. It manages password aging as defined in the /etc/shadow file.

passwd(1), shadow(5), usermod(8)