{"id":4763,"date":"2018-06-08T12:35:44","date_gmt":"2018-06-08T08:35:44","guid":{"rendered":"https:\/\/www.howtoforge.com\/linux-passwd-command\/"},"modified":"2018-06-08T12:35:44","modified_gmt":"2018-06-08T08:35:44","slug":"linux-passwd-command-tutorial-for-beginners-8-examples","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/linux-passwd-command-tutorial-for-beginners-8-examples\/","title":{"rendered":"Linux passwd Command Tutorial for Beginners (8 Examples)"},"content":{"rendered":"

As a Linux command line user, you should be aware of\u00a0utilities that help you with user-account management. Once such tool is passwd<\/strong>, which lets you change your account password. In this tutorial, we will discuss the basics of this command using some easy to understand examples.<\/p>\n

But before we do that, it’s worth mentioning that all examples in this tutorial have been tested on an Ubuntu 16.04 LTS machine.<\/p>\n

Linux passwd command<\/h2>\n

As already mentioned in the beginning, the passwd command lets users change their account password. Following is its syntax:<\/p>\n

passwd [options] [LOGIN]<\/p>\n

And here’s how the man page describes it:<\/p>\n

 The passwd command changes passwords for user accounts. A normal user\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 may only change the password for his\/her own account, while the\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 superuser may change the password for any account.\u00a0 passwd also changes\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 the account or associated password validity period.<\/pre>\n
Following are some Q&A-styled examples that should give you a good idea on how this command works.<\/p>\n
Q1. How to use passwd?<\/h2>\n
Basic usage is simple – just execute the passwd command sans any option\/input.<\/p>\n
passwd<\/p>\n
Following is some useful information that you need to know about passwd’s operation:<\/p>\n
 The user is first prompted for his\/her old password, if one is present.\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 This password is then encrypted and compared against the stored\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 password. The user has only one chance to enter the correct password.\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 The superuser is permitted to bypass this step so that forgotten\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 passwords may be changed.
\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 After the password has been entered, password aging information is\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 checked to see if the user is permitted to change the password at this\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 time. If not, passwd refuses to change the password and exits.<\/p>
\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 The user is then prompted twice for a replacement password. The second\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 entry is compared against the first and both are required to match in\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 order for the password to be changed.<\/p>
\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Then, the password is tested for complexity. As a general guideline,\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 passwords should consist of 6 to 8 characters including one or more\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 characters from each of the following sets:<\/p>
\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u00b7\u00a0\u00a0 lower case alphabetics<\/p>
\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u00b7\u00a0\u00a0 digits 0 thru 9<\/p>
\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u00b7\u00a0\u00a0 punctuation marks<\/p>
\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Care must be taken not to include the system default erase or kill\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 characters.\u00a0 passwd will reject any password which is not suitably\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 complex.<\/p><\/pre>\n
For example, in my case, here’s how I changed the passwd:<\/p>\n
\"\"<\/a><\/p>\n
Please note that in case you have superuser\u00a0privileges (or are a system admin), you can change any account’s password by just mentioning the username of the account. For example:<\/p>\n
passwd himanshu<\/p>\n
Q2. How to make an account password-less?<\/h2>\n
The passwd command also lets you delete a password associated with a user account. For this, you need to use the -d command line option.<\/p>\n
passwd -d<\/p>\n
So this is basically a quick way to disable password for an account, essentially making it password-less.<\/p>\n
Q3. How to forcibly expire a password?<\/h2>\n
Sometimes the system admin may want a user to change their password immediately. So in that case, they may use the -e command line option which results in immediate expiry of the password, forcing user to change their password on the very next login.<\/p>\n
passwd -e<\/p>\n
Q4. How to disable an account if password remains expired?<\/h2>\n
The passwd command also lets you deal with situations where-in user doesn’t take any action even after their password is expired. Basically, the tool lets you disable the account altogether in case password remains expired for a set number of days. This you can do using the -i command line option, which requires a number as input.<\/p>\n
For example:<\/p>\n
passwd -i 5<\/p>\n
So this command will make sure the account is disabled if the password remains expired for 5 days.<\/p>\n
Q5. How to set a time gap between password changes?<\/h2>\n
The passwd command also allows you to set a minimum time gap between password changes. This is made possible through the -n command line option, which requires a numeric value that’s treated as number of days.<\/p>\n
For example:<\/p>\n
passwd -n 10<\/p>\n
This command makes sure there’s a gap of 10 days between any two password changes. It’s worth mentioning that a value of 0 indicates that the user may change his\/her password at any time.<\/p>\n
Q6. How to make passwd display account status info?<\/h2>\n
This you can do using the -S command line option.<\/p>\n
\"\"<\/a><\/p>\n
Here’s how the official documentation explains these fields:<\/p>\n
 Display account status information. The status information consists\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 of 7 fields. The first field is the user's login name. The second\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 field indicates if the user account has a locked password (L), has\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 no password (NP), or has a usable password (P). The third field\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 gives the date of the last password change. The next four fields\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 are the minimum age, maximum age, warning period, and inactivity\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 period for the password. These ages are expressed in days.<\/pre>\n
Q7. How to set password validity period?<\/h2>\n
The passwd command allows you to do this through its -x option, which requires a number representing the maximum number of days a password remains valid.<\/p>\n
For example:<\/p>\n
passwd -x 100<\/p>\n
Q8. How to make passwd warn users about due password change?<\/h2>\n
This can be done using the -w command line option, which requires a number as input, which is nothing but number of days prior to the password expiring that a user will be warned that his\/her password is about to expire.<\/p>\n
For example:<\/p>\n
passwd -w 7<\/p>\n
Conclusion<\/h2>\n
So you can see passwd is a very important tool that you should be aware of regardless of the type of user you are (newbie or pro). Here, in this tutorial, we have discussed several key features of passwd. Practice these, and once you’re done, head to the tool’s\u00a0man page<\/a> to know more about it.<\/p>\n
\n
Share this page:<\/b><\/p>\n
\n\"\"<\/a>
\n\"\"<\/a>
\n\"\"<\/a>
\n\"\"<\/a>\n<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
As a Linux command line user, you should be aware of\u00a0utilities that help you with user-account management. Once such tool is passwd, which lets you change your account password. In this tutorial, we will discuss the basics of this command using some easy to understand examples. But before we do that, it’s worth mentioning that …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[36],"tags":[],"class_list":["post-4763","post","type-post","status-publish","format-standard","hentry","category-36"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/4763","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=4763"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/4763\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=4763"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=4763"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=4763"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}