caption: Machine password change rate
deprecated: true
default: 30
desc: |-
Setting the policy specifies in days how often a client changes their machine account password. The password is randomly generated by the client and not visible to the user. Disabling this policy or setting a high number of days can negatively impact security, because it gives potential attackers more time to find and use the machine account password.
Leaving the policy unset means the machine account password is changed every 30 days.
Setting the policy to 0 turns off machine account password change.
Note: Passwords might get older than the specified number of days if the client has been offline for a longer period of time.
device_only: true
example_value: 0
features:
dynamic_refresh: true
owners:
- [email protected]
schema:
maximum: 9999
minimum: 0
type: integer
supported_on:
- chrome_os:66-114
tags:
- system-security
type: int
generate_device_proto: False