find the last time a user change his/her pwd

Discussion in 'macOS' started by dangtran09, Nov 17, 2016.

  1. dangtran09 macrumors newbie

    Nov 6, 2013
    hi all -

    as a security best practice, we're asking all employees to change his/her login pwd.

    is there a command i can invoke to see when the last time a user pwd has been modified?

  2. KALLT macrumors 601

    Sep 23, 2008
    Normally such a policy would be enforced by an account server or managed profile, e.g. Active Directory. I take it that you don’t manage your employees computers in any way?
  3. Sciuriware macrumors 6502


    Jan 4, 2014
    One way is to observe the modification time of the file /etc/passwd,
    assuming there is only one user per machine.
  4. Phil A. Moderator

    Phil A.

    Staff Member

    Apr 2, 2006
    Shropshire, UK
    OS X only uses /etc/passwd in single user mode - if you look in it you won't find your user at all.

    If you look, this is at the top of the /etc/passwd file

    # User Database
    # Note that this file is consulted directly only when the system is running
    # in single-user mode.  At other times this information is provided by
    # Open Directory.
    # See the opendirectoryd(8) man page for additional information about
    # Open Directory.

    You may be able to use pwpolicy from a command line to set user password expiration (man pwpolicy for more details)

Share This Page