In older versions (pre v7) I believe it was possible to configure the local authentication server service to disable enforced password changing.
However, since v7, you are no longer able to do this.
The compromise option is to go to the settings screen for the "Password" authentication service and increase the expiry value to the largest value it will accept.
You need to go to Policy --> Rule Elements --> Authentiators, select the Password authenticator service to change this value.
Ironically, while logging into my v8 appliance to check this setting I was forced to change my password! I personally don't have an issue with doing so, but not being able to do so using SSH is a bit of a pain because it doesn't actually tell you that the password has expired - just that it is no longer valid.
Thanks for the info. It would be nice if this was an option that you could turn off if you wanted.
1 of 1 people found this helpful
Go to Authenticators and click on Password and change the Expiration to 99999999 and your passwords will not expire for around 273972 years (that's not exact though, because of intercalation).
Thanks I think that will work. I hope to be retired by then