How to Change User Password in Linux

In this tutorial we’ll explain how to change user passwords in Linux, from the command line, using the passwd command.

We’ll show you how to change your current user’s password, as well as changing, expiring, or locking passwords for other users.

These commands should work on any Linux distribution, such as Ubuntu, Debian, Linux Mint, CentOS, Rocky Linux, etc.

Introduction

Regular users can only change their own passwords. To change another user’s password you need to be root or be a user with sudo privileges.

In Linux and Unix-like operating systems, you can change passwords, and related changes, using the passwd utility. The hashed passwords, along with other related information is stored in the /etc/shadow file. To see the file contents you can go ahead and run:

sudo cat /etc/shadow

It’s very important that you keep a habit of using strong passwords on your machines. This is especially important if your machine is a server that’s exposed to the internet, where bad actors may constantly attempt to break in.

We recommend that you set strong passwords for your systems. This means passwords of a minimum length of 12 characters, containing at least one uppercase letter (A-Z), one lowercase letter (a-z), one number (0-9), and one special characeter (!@#$..).

It’s also recommended that each user on your system have an unique password, and to update all your user passwords on a regular basis.

How to Change Your User Password in Linux

To change the password for the current user you can use the passwd command, which is easy and straightforward.

To change our user password just run the passwd command:

passwd

You’ll be prompted to enter your current password to make sure it’s really you.

Changing password for edxd.
Current password:

Input your current password and press Enter.

Passwords won’t be displayed on the screen when you input them, for security reasons.

If the password you entered is correct, you’ll next you’ll be prompted to type the new password you want to set.

Usually, the minimum requirements for your new password are a minimum length of 6 characters, for the password not to be too simple, and for it not to be too similar to the current password.

We recommend you use a complex password of at least 12 characters, as we mentioned in the intro.

New password:

Next you’ll have to enter the new password again:

Retype new password:

If the password fits the minimum requirements then your password should now be successfully changed, and the next time the system asks it will expect your new password.

passwd: password updated successfully

How to Change Another User’s Password in Linux

We can also change passwords for other user accounts using the passwd utility.

To change the user password of a different user’s account you need root access or sudo privileges.

In the following examples we’re assuming you’re logged in as the root user or a non-root sudo user.

To change another user’s password just run the passwd command, followed by the username of the user whose password you want to change:

sudo passwd bytexd_user

You will be asked to enter the new password twice, and if it meets the minimum requirements it will be successfully changed and next time the user is prompted for their password they will need to use the new one.

New password:
Retype new password:
passwd: password updated successfully

If you try to change the password for another user, without havcing root access or sudo privileges you will get an error:

passwd: You may not view or modify password information for bytexd_user.

Change a User’s Password Without a Prompt (Non-Interactive)

You can change another user’s password in a single line, without being prompted for confirmation, using the usermod command.

In order to do this we’ll use the usermod command, which expects us to provide it with the password in a hashed format.

To hash our password right before providing it to usermod we will use the openssl passwd command, with the -6 option, which hashes our password using the SHA512 hashing algorithm.

This command will change the password to 8n&E8MgZd^Rc in one line, without a prompt, for bytexd_user:

sudo usermod --password $(openssl passwd -6 '8n&E8MgZd^Rc') bytexd_user

It’s recommended that you put the password in single quotes – '8n&E8MgZd^Rc' instead of 8n&E8MgZd^Rc, in order to avoid accidental character substitution if you have characters such as $1 in your password.

Change Passwords for Multiple Users

Another way to change user passwords is using the chpasswd command that allows you to batch set passwords for multiple users.

Such as before, you will need root access or a user with sudo privileges for this.

First we run the command:

sudo chpasswd

Next you won’t see any output and you will have to enter the username and password separated by : – one user:password per line.

edxd:somenewpassword
bytexd_user:someothernewpassword
stelixd:yetanotherpassword

When you are done press Ctrl+D for the changes to take effect and return to the regular prompt.

There won’t be any confirmation message in the output.

How to Force a User to Change Password at Next Login in Linux

To force a user to change their password at next login means that we’re expiring the user’s password.

To do this we’ll need root or sudo privileges. As such, the following example will assume you’re acting as the root user or a non-root sudo user.

By default, user passwords are set to never expire, however we can can change that using the passwd comand and the -e (or --expire) option, followed by the user’s username.

The following command will expire the password for user bytexd_user:

sudo passwd -e bytexd_user

passwd: password expiry information changed.

When bytexd_user logs in, after entering their current password, they’ll be forced to change it to a new one.

ssh [email protected]

The user will need to enter their current password once again, after which they’ll be required to set a new one.

You are required to change your password immediately (administrator enforced)
Changing password for bytexd_user.
Current password:
New password:
Retype new password:
passwd: password updated successfully
Connection to 172.141.197.192 closed.

After successfully updating the password, if you’re logging in via SSH, then the connection will close.

If you are simply switching users while already logged in, then the user will successfully switch.

Locking & Unlocking User Passwords in Linux

We can also lock or unlock user passwords. Locking a user password means that the user won’t be able to use or change their password.

The user can still log into the server through a different authentication method, such as with SSH keys, if they have them set up.

We can do this using passwd -l.

The following command locks the password for user bytexd_user:

sudo passwd -l bytexd_user

passwd: password expiry information changed.

Now, when the user tries to SSH into the server, they will still enter the password, but will get Permission denied:

[email protected]'s password:
Permission denied, please try again.

To unlock the password for a user we can use the -u option.

The following command wil unlock the password for bytexd_user:

sudo passwd -u bytexd_user

passwd: password expiry information changed.

Conclusion

In this tutorial you learned how to change user passwords in Linux, how to expire passwords and how to lock them.

You can view all options for the passwd command from the manual by running man passwd in your command line, or by reading the man page online.

If you have any questions or have enountered issues, feel free to leave a comment and we’ll get back to you as soon as we can.