maximum-lifetime
Syntax
Hierarchy Level
Release Information
Statement introduced in Junos OS Release 18.4R1 for ACX Series, EX Series, QFX Series, MX Series, PTX Series.
Description
Specify the maximum password lifetime in days. A user who has the required permissions is able to control the maximum lifetime of a password. If the age of the password reaches the maximum lifetime configured, the password expires and has to be changed. If your password has expired, you cannot commit the configuration until the password is changed. Password expiry is applicable only for local user accounts.
You cannot configure the same password every time the password expires. Older passwords cannot be configured on password expiry. Therefore, maximum-lifetime can be committed only after configuring minimum-reuse, else commit fails and error is displayed on commit.
If maximum-lifetime is configured, password expiry validation check is performed at the time of login and at the time of commit based on the password timestamp. For passwords configured before minimum-reuse configuration is committed, the timestamp of the passwords is the time at which any configuration under system login hierarchy is committed following the commit for minimum-reuse. For passwords configured after minimum-reuse configuration is committed, the timestamp of the passwords is the time at which those passwords are committed.
Options
days—The maximum duration of a password where the password expires after the maximum duration is reached.
Range: 30-365
Required Privilege Level
system—To view this statement in the configuration.
system-control—To add this statement to the configuration.