How to Change a Password in Linux

December 12, 2022

How to Change a Password in Linux

This guide is part of the “Linux Commands” series. This series is focused on providing an in-depth overview of Linux commands and tools, in an easy-to-follow manner!


How to Change the User Password

To change the password for the currently logged-in user, you can use the passwd command.

  1. Open a terminal window.
  2. Type passwd and press Enter. This will allow you to change the password for the specified user. Note that you will need to have administrative privileges to do this.
  3. When prompted, enter the new password for the user.
  4. Confirm the new password by entering it again.
  5. You should see the terminal output: password updated successfully.

Some important things to keep in mind when changing a user's password:

  • Make sure to choose a strong password that is difficult to guess. A strong password should be at least 8 characters long and include a combination of upper and lowercase letters, numbers, and special characters.
  • Avoid using passwords that are based on personal information, such as your name, date of birth, or favorite sports team. These types of passwords are easy for attackers to guess.
  • Don't share your password with anyone else. If you need to give someone else access to your account, consider adding them as a user instead.
  • Change your password regularly to reduce the risk of it being compromised. A good rule of thumb is to change your password every few months.
  • Be careful when entering your password. If you make a mistake, the passwd command will not show the password as you type it. This security measure prevents someone from looking over your shoulder and seeing your password.

How to Change the Password for Other Users

You must have administrative privileges to change the password for another user on Linux. If you are an administrator, you can use the passwd command to change the password for any user on the system.

Here are the steps to follow:

  1. Open a terminal window.
  2. Type sudo passwd username and press Enter. This will allow you to change the password for the specified user. Note that you must enter your own password to authenticate the change.
  3. When prompted, enter the new password for the user.
  4. Confirm the new password by entering it again.

It's important to note that changing the password for another user is a sensitive operation and should only be done when necessary. For example, you might need to change a user's password if they forget it and cannot reset it themselves. In general, it's best to respect the privacy of other users and avoid changing their passwords unless absolutely necessary.


How to Change a Password Without the Old One

If you have lost your password, the only way to change it is by having a root user do it for you. For example, if you're using a VPS service, you should ask your hosting provider for help.

In the rare event that your server is run on an LDAP system, you may be required to provide the old password regardless of your administrative status on the server.

In this situation, the most efficient way to fix the problem is by editing the /etc/shadow file.

If you open this file from your terminal, you will see something along the lines of:

root:$6$hXdlMVqO$UeYG3qrITP2/hUH.ZbBZ/:18249:0:99999:7:::
randomuser:$6$hXdlMVqO$UeYG3qrITP2/hUH.ZbBZ/:18249:0:99999:7:::

The string between the first semicolon and the second ($6$hXdlMVqO$UeYG3qrITP2/hUH.ZbBZ/) is the encrypted password for the said user.

You can then take the encrypted password (your own) and replace that for the user who has forgotten his old one. Because you know your own password - you can now run the sudo passwd randomuser command and reset the users' password!


How to Configure Password Expiration

To set a routine password change in Linux, you can use the chage command. This command allows you to modify the password aging information for a user account, including the minimum and maximum password age.

Here is an example of how to use the chage command to set a routine password change for a user:

  1. Open a terminal window.
  2. Type the following command and press Enter: chage -m 7 -M 90 username

This command sets the minimum password age to 7 days and the maximum password age to 90 days for the user named username. This means that the user will be required to change their password every 7-90 days.

  1. To verify that the password aging information has been set correctly, you can use the chage -l command to view the password aging information for a user. For example: chage -l username

This will display the current password aging information for the user, including the minimum and maximum password age.

Example: chage -l user

Last password change                              : Dec 11, 2022
Password expires                                  : Mar 11, 2023
Password inactive                                 : never
Account expires                                   : never
Minimum number of days between password change    : 0
Maximum number of days between password change    : 90
Number of days of warning before password expires : 7

Keep in mind that the steps and exact syntax for setting this up may vary depending on your Linux distribution and version. If you need more detailed instructions, you can try searching online for specific instructions for your Linux distribution.