LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Default max password expiry is 99999 days, why? (https://www.linuxquestions.org/questions/linux-newbie-8/default-max-password-expiry-is-99999-days-why-4175664777/)

mintner 11-22-2019 09:32 PM
Default max password expiry is 99999 days, why?
 
# Password aging controls:
# PASS_MAX_DAYS Maximum number of days a password may be used.
# PASS_MIN_DAYS Minimum number of days allowed between password changes
# PASS_MIN_LEN Minimum acceptable password length.
# PASS_WARN_AGE Number of days warning given before a password expires
PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_MIN_LEN 5
PASS_WARN_AGE 7

Why is it 99999 days? 5 nines. What is special about this? Does it have to be 5 characters? It coulda been 9999, even 999 days. I feel like there’s a reason it is 99999.

I realize this doesn’t matter for function, but I am curious as to why. If there is no reason, I want to know that too.

frankbell 11-22-2019 09:35 PM
What is the context of this "default password expiry" setting?

gregorywest 11-23-2019 12:50 AM
Default max password expiry is 99999 days, why?
 
My quick guesx is 99,999 is just under 275 years, thus 9999 would be just under 27 years. Where the latter can happen in the life span of code ( I had a job in the early 1990's updating code written in the 1960's), the former is not. Since you have a field of width X, X=4 could cause an issue, but X=5, if it caused an issue would be 200 years after the person who caused it died.

Greg

rnturn 11-23-2019 05:01 AM
Quote:
Originally Posted by mintner (Post 6060888)
# Password aging controls:
# PASS_MAX_DAYS Maximum number of days a password may be used.
# PASS_MIN_DAYS Minimum number of days allowed between password changes
# PASS_MIN_LEN Minimum acceptable password length.
# PASS_WARN_AGE Number of days warning given before a password expires
PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_MIN_LEN 5
PASS_WARN_AGE 7
Ugh! The system'll allow someone to use a 5-character password for nearly 274 years. The auditors will have a cow.

As for why "99999"? Probably just some value the person that set up the configuration pulled out of thin air (or somewhere else). "12345" (a still-too-long 33.8 years) could have been just as likely found in the config. I've always figured that PostgreSQL listens on port "5432" for much the same reason.

Jan K. 11-23-2019 03:31 PM
Quote:
Originally Posted by rnturn (Post 6060957)
As for why "99999"?
It's lesser time than the extreme "-1"... :study:

ehartman 11-23-2019 10:26 PM
Quote:
Originally Posted by rnturn (Post 6060957)
I've always figured that PostgreSQL listens on port "5432" for much the same reason.
Amd some BitTorrent clients (like Vuze) on port 54321

Soadyheid 11-24-2019 09:03 AM
Oops! Already solved but here's my :twocents: worth...

Quote:
Default max password expiry is 99999 days, why?
Because it's a five numeric digit field? The largest single decimal number is 9, so 99999 would be the maximum allowable number. You'd have to ask the person who originally coded this why they wanted five digits but to me, it looks like it's equivalent to "Password does not expire."

Play Bonny!

:hattip:

Jan K. 11-24-2019 09:56 AM
Quote:
Originally Posted by Soadyheid (Post 6061278)
...to me, it looks like it's equivalent to "Password does not expire."
To be nit-picking, it really isn't... it's set to expire in ~274 year. A "do not expire" is "-1". :study:

Soadyheid 11-24-2019 07:33 PM
OK, I said "equivalent". Should I have said "User will expire first"? :D :D :D

Keep up the nit picking! :D

Play Bonny!

:hattip:


All times are GMT -5. The time now is 03:50 PM.