The easier way with which an user is able to change its password is to use the web interface of Zeroshell. In fact not only admin can open a web session on Zeroshell, but also a not privileged user.
On kerberized Unix/Linux workstations you just have to use kpasswd or passwd if the PAM system is configured to use kerberos.
If you use Windows and you have an Active Directory domain that trusts your Kerberos 5 realm it is possible to change the Zeroshell password by pressing [CTRL][Alt][Del].
The password complexity is the minimum number of character classes the a password requires to be valid.
The character classes are:
Lowercase letters, uppercase letters, numbers, punctuation characters and other characters. For example the complexity of Sd10420Eo is 3.
Nice, thank you for the quick reply.
I am using the RADIUS server to authenticate users for a couple of web enabled application, namely, Bomgar and LogLogic. When the password expires, what will happen, will they just not be able to login, or will there be meaningful messages? Or, does that depend on the web application?