password aging field


On non-trusted systems password aging is stored as part of the encrypted password each user's account in the system's password file.  The password field, which is the second field is divided in two by a comma.  The first portion, characters 1-13, is the encrypted password.  The second portion, after the comma (characters 15-18), is the password aging field for that account.
password aging field (characters 15-18) breakdown:
character 1: max weeks password is valid before expiration
character 2: min weeks password before password can change
remaining characters: last password change (in number of weeks since 1/1/1970)

the characters are Base-64, so it's kind of tricky.  See the above links for a conversion table for Base64.


N = 25 weeks, 175 days max password lifetime
/ = 1 week, 7 days miniumum password before changing
S = 30
T = 31
31 * 64 = 1984
1984 + 31 = 2050 weeks since January 1, 1970 = 08/07/08

No comments: