[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now


Password Last Change Date

Posted on 2004-11-01
Medium Priority
Last Modified: 2013-12-04
Dear Experts,

I have problem in make sure the password last change date in shadow file in Solaris 11.
Here's the line : root:HhOVtAnPp:6445::::::

I read from a source that the lastch date could be determined by adding 6445 with 1/1/1970. In this case I add 6445 with 1/1/1970 and i got 25-Aug-1987.
My questions is : Does the 6445 number above indicate that the root user has never changed the password? If the answer is yest, it'll become another question to me, because the system administrator told me that the password is changed regularly.

Is there any possibility that although the password has been changed, the lastch date in shadow file is not changed?

Thank you for your input before,
Question by:l3bb1t
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
LVL 38

Accepted Solution

yuzh earned 400 total points
ID: 12469944
6445 - means the password is set in the system installation time. eg, if the system is rebuilt a month ago then it is one month old, if it is built 3 years ago, then it is 3 yrs.

have a look at:
LVL 38

Expert Comment

ID: 12469958
PS: Solaris 11 has not yet released, to find out your OS version, type in:

uname -a

and post the output.

Author Comment

ID: 12470231
thank you yuzh..

That was what i thought before too. But I became doubtful after the system administrator insisted that he had changed the password monthly and the installation was about 1 year ago. Only root user and some other system users have 6445 value. Others have various value, such as : 12696.



ps. thank you too about Solaris 11. I was wrong about that. Anyway, the OS is Solaris.
LVL 38

Expert Comment

ID: 12470610
You can do a test to change the root password and see what happen to /etc/shadow file,
then put the original password backup to what it was.

If the 6445 didn't change, please post the output of:

uname -a

to see if any patch need to apply to your box.
LVL 40

Expert Comment

ID: 12472693
'passwd -sa' will tell when the passwords were last changed.

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question