find the last time a user change his/her pwd

[dangtran09]

hi all -

as a security best practice, we're asking all employees to change his/her login pwd.

is there a command i can invoke to see when the last time a user pwd has been modified?

thanks

 

[KALLT]

Normally such a policy would be enforced by an account server or managed profile, e.g. Active Directory. I take it that you don’t manage your employees computers in any way?

 

[Sciuriware]

hi all -

as a security best practice, we're asking all employees to change his/her login pwd.

is there a command i can invoke to see when the last time a user pwd has been modified?

thanks

One way is to observe the modification time of the file /etc/passwd,
assuming there is only one user per machine.
;JOOP!

 

[Phil A.]

One way is to observe the modification time of the file /etc/passwd,
assuming there is only one user per machine.
;JOOP!

OS X only uses /etc/passwd in single user mode - if you look in it you won't find your user at all.

If you look, this is at the top of the /etc/passwd file

##
# User Database
#
# Note that this file is consulted directly only when the system is running
# in single-user mode.  At other times this information is provided by
# Open Directory.
#
# See the opendirectoryd(8) man page for additional information about
# Open Directory.
##

You may be able to use pwpolicy from a command line to set user password expiration (man pwpolicy for more details)