Question: when a password expires, does it remain in a usable state in the database indefinitely? For example, if someone comes along a year after their password has expired, can they still login once with that password?

This is actually what I want, but I just want to confirm there's not some sort of secondary threshold which means that an expired password is not usable X days after it has expired. Or, if there is such a secondary threshold, where I can find it.

The scenario is a RADIUS server for wifi which reads NTLM password hashes out of the database to authenticate - this continues to work after expiry. However I want users to be able to do a self-reset later if and when they want to.



Manage your subscription for the Freeipa-users mailing list:
Go to for more info on the project

Reply via email to