If you are moving from shared hosting to a VPS, one thing you might not be accustomed to dealing with is having shell access to your account. You can use SSH to directly manipulate your Linux or Unix virtual private server from its command line. That, however, comes with a security risk for you and any other user you afford with a user account. Since weak passwords are often the cause of security breaches, it is important to enforce strong ones. With password aging, you can also enforce regular password changes.
A program called “chage” will set the length of time between required password changes. The formula for setting times is:
m – Minimum days – The minimum number of days allowed between password changes
M – Maximum days – The maximum number of days that a password is valid
W – Warn – Specifies the number of days a user is warned before the password must be change
For example, if you want to specify that a user must wait 30 days before manual password changes, must change his password every 60 days and shall be warned 7 days before his password expires, the command string would look like this:
# chage -m 30 -M 60 -W 7 username
This is a tool you can use for yourself to remind you that you need to change your own password, and you can also use it for other users to enforce regular password changes. If you have multiple users, you should have a policy in place and make sure they are aware of it. For more information, type “man chage” from the command line or see this documentation.