If you’re the administrator of a shared computer or a few in the office, you probably want to have the users change their password periodically for enhanced security. Here’s how to do it in Windows 7 & XP.

Note: This uses Local Security Policy which is not available in Home versions of Windows. These are local settings on machines not on a domain. Domain settings will take precedence over local settings.

Changing Password Age in Windows 7

Log in as Administrator and type Secpol.msc into the Search box of the Start Menu and hit Enter.

Local Security Policy opens. Navigate to Account Policies \ Password Policy and double-click on Maximum password age.

Here you can change the Maximum password age to what you want. By default it is 42 days, but you can change it from 1-999 days. When you’re finished, click OK and close out of Local Security Policy Editor.

If you were set it to zero, the password would never expire.

Changing Password Age in XP Professional

While easy in Windows 7, XP gets a bit more tricky. First go to Start \ Run and type mmc and Enter.

The Console opens and you want to go to File then select Add/Remove Snap-in…

Now click on the Add button…

Scroll down and highlight Group Policy Object Editor…then click Add.

Under Group Policy Object make sure it says Local Computer and click Finish.

Now you will need to navigate to Local Computer Policy \ Computer Configuration \ Windows Settings \ Security Settings \ Account Policies \ Password Policy. Then as before double-click Maximum password age.

Then change it to whatever you want it to be.


If you want to make users on your local machine(s) to change their passwords periodically, changing the password age is how to get it done. You should have users change their password regularly and encourage them to use strong passwords as well.