By default, Magento sets a configuration that after 90 days will remind you to forcefully change the password of the admin that says, “It’s time to change your password” which is annoying for the developers. In Production, It’s a good feature to make the store secure.
In Magento 2, password expiration is a security feature that forces users to change their passwords at regular intervals. However, there may be situations where you want to disable password expiration for certain user roles or for all users. Here’s how you can do it:
The first method is from the Magento 2 backend
- Log in to Admin Panel.
- Go to Stores -> Configuration -> Advanced -> Admin and expand Security Fieldset.
- Go to Password Change and select the option “Recommended“.
- Also, Go to Password Lifetime (days) and set empty textbox.
- Save Configuration.
In case you set the number of days for “Password Lifetime”, and set the dropdown value of “Password Change” to “Recommended“, it won’t be mandatory to change the password. However, if the dropdown value is set to “Forced“, the admin panel will be accessed only after the password change.
The second way is using the command line
You can execute the below commands in the terminal from the Magento root directory :
php bin/magento config:set admin/security/password_lifetime '' php bin/magento config:set admin/security/password_is_forced 0