pwpolicy

Find when the user’s password was last changed

#!/bin/bash
# Get last password change

echo; echo Password Last Changed:; u=$(dscl . list /Users | egrep -v '^_|daemon|nobody'); for i in $u; do printf \\n$i\\t; currentUser=$i;t=$(dscl . read /Users/"$currentUser" | grep -A1 passwordLastSetTime | grep real | awk -F'real>| /dev/null; done

Link:
https://applehelpwriter.com/2018/03/14/6228/

pwpolicy -getglobalpolicy | grep -C2 policyAttributeExpiresEveryNDays

See how many days are left before a user has to change their password
dscl . -read $HOME | /usr/bin/grep -C2 passwordLastSetTime

pwpolicy -u test --get-effective-policy

pwpolicy -getpolicy -u username

sudo defaults write /Library/Preferences/com.apple.loginwindow PasswordExpirationDays NUMBER

STIG Check
/usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep maxPINAgeInDays
If the return is null, or is not “maxPINAgeInDays = 60” or set to a smaller value, this is a finding.

/usr/bin/sudo /usr/bin/pwpolicy getaccountpolicies

Link
https://discussions.apple.com/thread/252843434

Apple Password Profile
https://support.apple.com/guide/deployment/password-and-passcode-payload-settings-dep4d6a472a/web

Legacy
https://www.cnet.com/tech/computing/how-to-change-password-expiration-warning-intervals-in-os-x/

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *