password aging

Password aging is a technique used by system administrators to defend against bad passwords within an organization. Password aging means that after a set amount of time, usually 90 days, the user will be prompted to come up with a new password. The theory behind this is that if a user is forced to change his password periodically, a cracked password is only useful to an intruder for a limited amount of time. The downside to password aging, however, is that users are more likely to write their passwords down. With password aging the system administrator can set minimum and maximum lengths of time for which the password is valid. Maximum time lengths force users to change passwords regularly. Minimum lengths prevent users from quickly changing the passwords back.