ASA CLI Command to view password expiration in days
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-22-2020 05:49 PM
Good Evening...
We are running ASA 5545X with 9.14(1) / 7.14(1). I am wondering if there is a CLI command to see the local password expiration in days?? Like showing the number of days left before the password expires.
I understand in ASDM I can view the account and change the number of days the password expires, but I am wanting to know how many days are left before expiration.
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-23-2020 12:18 AM
AFAIK There is no command in ASA that can show remaining password remaining
time. The 'show aaa local' command will show you the local lost only.
***** please remember to rate useful posts
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-23-2020 04:59 AM
You can see it indirectly as follows:
show running-config | i password-policy lifetime show running-config | i password-date
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-24-2020 05:36 AM
Marvin,
In the ASA, those commands you provided do not return any information.
Any other ideas?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-24-2020 06:11 AM
In that case there's no local password-policy and the local user passwords do not expire.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-24-2020 11:06 AM
Interesting...I can see the password policy in ASDM.
All good. I appreciated you trying to help!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-25-2020 11:18 PM
What version of ASA software are you using? I verified the command with ASA 9.12 before posting.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-11-2025 04:23 PM - edited 04-11-2025 04:30 PM
As @marvin mentioned if you don't see them in the 'running-config' with a 'show run | i password-policy' then there is no password policy set.
The default password policies can be shown with a 'show run all | i password-policy'
ASDM is likely reporting these defaults.
