find the last time a user change his/her pwd

Discussion in 'macOS' started by dangtran09, Nov 17, 2016.

  1. dangtran09 macrumors newbie

    Joined:
    Nov 6, 2013
    #1
    hi all -

    as a security best practice, we're asking all employees to change his/her login pwd.

    is there a command i can invoke to see when the last time a user pwd has been modified?

    thanks
     
  2. KALLT macrumors 601

    Joined:
    Sep 23, 2008
    #2
    Normally such a policy would be enforced by an account server or managed profile, e.g. Active Directory. I take it that you don’t manage your employees computers in any way?
     
  3. Sciuriware macrumors regular

    Sciuriware

    Joined:
    Jan 4, 2014
    Location:
    Gelderland
    #3
    One way is to observe the modification time of the file /etc/passwd,
    assuming there is only one user per machine.
    ;JOOP!
     
  4. Phil A. Moderator

    Phil A.

    Staff Member

    Joined:
    Apr 2, 2006
    Location:
    Shropshire, UK
    #4
    OS X only uses /etc/passwd in single user mode - if you look in it you won't find your user at all.

    If you look, this is at the top of the /etc/passwd file

    Code:
    ##
    # User Database
    #
    # Note that this file is consulted directly only when the system is running
    # in single-user mode.  At other times this information is provided by
    # Open Directory.
    #
    # See the opendirectoryd(8) man page for additional information about
    # Open Directory.
    ##
    

    You may be able to use pwpolicy from a command line to set user password expiration (man pwpolicy for more details)
     

Share This Page