Force Users to Change Their Password

To improve security, you can force users to change their password on a regular basis.

The password expiration box within the Administrative Settings dialog provides a scrolling window that, when enabled, sets all passwords to expire after X days.   The time to the next password expiration for each user is measured in full calendar days, counted from the day when the user’s password was last changed.  (Note: this feature does not apply to the system account, Logged Off.)

If password expiration is enabled, you can also provide users with a warning that will appear each time they logon for X days before the next expiration of their password.  (see: Reset Password Warning Dialog.) This option is available only if the Password Never Expires box is NOT checked.   You cannot set the number of days in warning period to be larger than those in the expiration period.

The new password dialog will prompt for the user’s existing password in order to verify their identity and will require that they enter the new password twice to ensure that they do not inadvertently misspell the word. See: Reset Password Dialog.

 

You can also set a flag that will force a particular user to change their password on their next logon. The Add Account dialog, the Copy Account dialog and the Modify Account dialog all include the option of forcing the user to change their password on the next logon. 

This feature can be used even if Password Expiration has not been enabled in the Administrative Settings dialog.