Linux Change or set Password

Both Unix and Linux-like operating systems apply the passwd commands for changing the password of the user. The passwd command is used for updating the authentication password or token of the user which is saved in the /etc/shadow file.

The passwd command changes the passwords for group accounts and users. A normal user might only modify the password for her/his account, the root user or super user might modify the password for other accounts.

The group administrator might modify the password for a group. Also, the passwd command changes the information of an account like the user's full name, the login shell of the user, or the interval and expiry date at the password.

Type the following passwd command for changing our password:

Output:

Initially, the user is requested for her/his previous password when one is available. The password is further compared and encrypted. The password is compared to the stored or saved password.

The user contains only a single chance for entering an accurate password. The root user is allowed for bypassing this step. Hence, the forgotten passwords might be modified. A newer password is checked for complexity. The passwords must a combination of 10 to 20 characters containing multiple characters from all of the below sets as a normal guideline:

1. Upper case alphabetics
2. Lower case alphabetics
3. Digits 0 to 9
4. Special characters or punctuation marks

Other account change password in Linux

If we want to change the password for other accounts of the user in Linux, we have to log in as the super user. Then, we have to type the below command for changing the password for user karishma:

Or,

Output:

Note: Passwords don't show on the screen when we type them.

Linux change password of a group

The password for a named group will be changed when we use the -g option. In this example, we will change the password for group1 group:

The option -r is applied with the option -g for removing the latest password through the named group. It permits group access to every member. The option -R is applied with option -g for restricting the named group for every user.

Modifying user passwords in Linux

As a Linux sysadmin (system administrator) we can change the password for the users on our server. For changing the password on behalf of any user:

1. First of all, sign on "sudo" or "su" to the "super" or "root" account in Linux.
2. After that enter the following command for changing the password for john user:
   passwd john
3. The system will request us to type the password twice.

For changing or setting a new super user or root password, we have to enter the following command:

Forcing user for changing the password at the next login

Linux passwords by default never expire for any users. But, we can also force the users for changing the password they log in by CLI or GUI methods next time. The syntax is as follows:

Let us expire the password of an account immediately, we can use the following command:

The system would confirm it:

Lock and unlock user passwords

Lock password:

By using the following command, we can lock the user password:

This option will disable the password by modifying it to any value which is not matching to the possible encrypted value. It will add the ! sign in the starting of the password inside the /etc/shadow file.

Unlock password:

We can use the following command for unlocking a password:

The above option command will re-enable the password by modifying the password back to the previous value.

Tips to set up a secure password in Linux

Any compromise in the security of the password is typically outcome from the careless selection of the passwords. Avoid basic password like:

1. Words that occur in the dictionary
2. Our last and first name
3. Our pet names
4. Spouses or kids names
5. Date of birth (DoB)
6. License number
7. Office or home address

We highly recommend that we produce a unique password for every user account