Greetings, I'm configuring a new 1.5.9 install. I tried to look for the answer in the LedgerSMB manual but the manual from the website is for v1.3x... So. Under "Security Settings" Password Duration: Is this days? minutes? seconds? What is the default? Suggestion #1: Whatever the duration period is, place it next to the description along with the default value. Like so: Password Duration, in Days (Default=2 days): Session Lockout: Is this minutes? seconds? What is the default?. Suggestion #2: Whatever the duration period is, place it next to the description along with the default value. Like so: Session Lockout, in Minutes (Default=10 minutes): Suggestion #3 (for next release): Enable the Sys Admin to disable the Password Duration altogether. So setting the Password Duration to "0" means that user passwords do not expire. You could just replace the a "hard" password expiration with just a 180-day nag like this: Your password is over 180 days old. Please consider replacing the current password with a newer one. And, include a link/button that says: "Disregard". Which will stop the nag for another 180 days. Thanks! Regards, Michael -- ====================== Michael Chinn Miguel.Chinn@Gmail.com ~ ~~ ~ ~ o:)^))>~< <;)^)))>~< ~ ~ ~~ ~ <:)^)))>~< <;)^)>~< ~~ ~~~ ~ ~ ~ o:)^)))>-< <;)^))>~< ~ ~~ ~~ ~~ ~ o;)^))>-< <:)^))>~< ~~ ~ ~o:)^))>~<