Force User to Change Password at First Login

Create user “user”:
# useradd user

Create password for the user
# passwd user
Set the password to expiry:
#chage -d 0 user

Setting it default for all new Users:
#vi /etc/default/useradd
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=0 #(need to add zero “0”)
SHELL=/bin/bash
SKEL=/etc/skel
GROUPS=video
CREATE_MAIL_SPOOL=no
UMASK=022
This file contains the details, what all settings will be applied to the new users created into the system with useradd command.
Just set the value of EXPIRE=0 in this file, and every time when a new user will be created, will be forced to change the password at first login.

password duration:
for new accounts default settings are in /etc/login.defs
settings for current accounts are in /etc/shadow but we edit by command chage
chage -l [user] #check settings for user
chage -E “YYYY-MM-DD” [user] #set date when account expire, -1 means never
chage -M [nr] [user] #set maximum number of days between password change from last password change, -1 means never expire
chage -d “YYYY-MM-DD” [user] #set last password change
chage -W [nr] [user] #number of days of warning before password expires
chage -i [nr] [user] #set password inactive, when account is blocked after password expire

Thanks to:
http://studyhat.blogspot.be/2011/12/force-user-to-change-password-at-first.html

another way:
# yum install chage
List the password and its related details for an user
# chage –-list username
(or)
# chage -l username
!!!Is not working for same user.

Set Password Expiry Date for an user using chage option -M
# chage -M number-of-days userName
# chage –list userName
Set the Account Expiry Date for an User:
# chage -E “2015-11-29” userName
# chage -l userName

Force the user account to be locked after X number of inactivity days:
# chage -I 10 userName
# chage -l userName

Disable password aging for an user account:
# chage -m 0 -M 99999 -I -1 -E -1 userName
# chage –list userName

Thanks to:
http://www.thegeekstuff.com/2009/04/chage-linux-password-expiration-and-aging/
http://www.cyberciti.biz/faq/rhel-debian-force-users-to-change-passwords/