Information
Inactive accounts pose a threat to system security since the users are not logging in to notice failed login attempts or other anomalies.
Solution
Run the following command to set the default password inactivity period to 30 days: # useradd -D -f 30
Modify user parameters for all users with a password set to match: # chage --inactive 30 <user>
Notes:
You can also check this setting in /etc/shadow directly. The 7th field should be 30 or less for all users with a password.
Note: A value of -1 would disable this setting.