Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Guide to the Secure Configuration of Debian 10
System Settings
Account and Access Control
Protect Accounts by Restricting Password-Based Login
Set Password Expiration Parameters
Set Password Maximum Age
Set Password Maximum Age
An XCCDF Rule
Details
Profiles
Prose
Set Password Maximum Age
Medium Severity
To specify password maximum age for new accounts, edit the file
/etc/login.defs
and add or correct the following line:
PASS_MAX_DAYS
A value of 180 days is sufficient for many environments. The DoD requirement is 60. The profile requirement is
.