ASA CLI Command to view password expiration in days

TW80CJ5 · ‎08-22-2020

Good Evening...

We are running ASA 5545X with 9.14(1) / 7.14(1). I am wondering if there is a CLI command to see the local password expiration in days?? Like showing the number of days left before the password expires.

I understand in ASDM I can view the account and change the number of days the password expires, but I am wanting to know how many days are left before expiration.

Thanks!

Mohammed al Baqari · ‎08-23-2020

Hi,

AFAIK There is no command in ASA that can show remaining password remaining
time. The 'show aaa local' command will show you the local lost only.

***** please remember to rate useful posts

Marvin Rhoads · ‎08-23-2020

You can see it indirectly as follows:

show running-config | i password-policy lifetime
show running-config | i password-date

TW80CJ5 · ‎08-24-2020

Marvin,

In the ASA, those commands you provided do not return any information.

Any other ideas?

Marvin Rhoads · ‎08-24-2020

In that case there's no local password-policy and the local user passwords do not expire.

TW80CJ5 · ‎08-24-2020

Interesting...I can see the password policy in ASDM.

All good. I appreciated you trying to help!

Marvin Rhoads · ‎08-25-2020

What version of ASA software are you using? I verified the command with ASA 9.12 before posting.

knathan · ‎04-11-2025

As @marvin mentioned if you don't see them in the 'running-config' with a 'show run | i password-policy' then there is no password policy set.
The default password policies can be shown with a 'show run all | i password-policy'
ASDM is likely reporting these defaults.