Unix Password Age

Ok this is probably a very easy question, but I have looked all over EE and google, but I cant seem to find the answer.

I am trying to calculate the password age of a Unix user.  I can get the age value if i use the /etc/shadow file and I have the following results:

^ ^ ^ ^ ^ ^ ^ ^ ^
| | | | | | | | |

But how do i take the "13062" and calculate it to determine the actual password date/age.

I read some where that its the "13062" value is the amount of days since Jan 1 1970.
Is this correct?
Who is Participating?
Ah, Sun/Solaris date command doesn't support those flags.  I didn't know that.  Well, you can use perl or another scripting language of your choice, or do what this guy did: http://solarisjedi.blogspot.com/2006/06/solaris-date-command-and-epoch-time.html
That's correct.  UNIX uses epoch time, which started Jan 1 1970.
This thread may be helpful in regards to scripting with the password age: http://www.unix.com/shell-programming-scripting/33854-check-password-age.html
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

nakoz69Author Commented:
So how do i calc the "13062" from 1/1/1970?
On a *nix OS, date +%s will give you the number of seconds since epoch.  Divide by 60 to get minutes, again by 60 to get hours, then by 24 to get days.  Then you can compare that to what shows up in the password file to see how old the password is.
nakoz69Author Commented:
When i try:

# date %s
I get:

date: bad conversion

BTW I forgot to say that I am running the following version of SunOS:
5.8 Generic
nakoz69Author Commented:
Ok so i finally got it figured out.  Thanks Jimmy for all the help:

Process to convert the "lastchg" field from the "shadow" file to an actual day you need to use the following Steps:

# cat /etc/shadow
- you get the following result:


- the "14797" is the "lastchg" value
- this is the epoch time value since the password was changed (unix uses EPOCH time which is time since 01/01/1970)
- this value is in days so we need to convert it to minutes to get a date time

= "lastchg"*(hrs in a day)*(minutes in a day)
= 14797*24*3600
= 1278547200

We can now take this value and plug it into excel using the following formula
= (EPOCH_Value/sec in a day)+(days from 1900 to 1970)
= ((1278547200/86400)+25569)
= 40366
*Note: That excel actually starts from 1/1/1900 so you have to account for the 70 year difference in time
since EPOCH time starts at 1/1/1970
- which is why you add the 25569

You can now use the date/time format in excel and see the current date.


You can take the easy way out.

Since the "Lastchg" result is actually in days there is no need to convert from days to seconds back to days
- you can plug the following formula into excel and just use the date/time format to see the last change date

= ("lastchg"+(days from 1900 to 1970)
= 14797+25569
= 40366
When formatted in excel this turns out to be 7/7/10 12:00AM

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.