Passwd Command in Linux
Syntax of Passwd Command in Linux
Use of Passwd Command in Linux as a User
passwd
Use of Passwd Command in Linux as a Root User / Super User
passwd [username]
Introduction
The use of passwd command in Linux is necessary for changing passwords of users and root user from time to time as per requirement and password policy.
A root user means the superuser can change the password of any users any time without any restrictions imposed by the password policy already applier earlier.
It means the root user is one who can decide any time who will be using the system at what time and for how many duration at all. However, the users can also change the password of their own user account as per the password policy.
Overruling of password policy can not be possible in any condition by a normal user. Also, the unauthorized user can not change the password of other users or root user anyway.
Following color coding is used to describe better to set passwd command in Linux.
- Bold Font with blue color – Commands and options
- Italic Font with red color – User name
- Bold Italic Font with green color – Files and directories
Password Policy
Applying passwd command in linux is simple but complicated in terms of keyboard input and password policy. During keyboard input, typed character will not be visible. However, in background, your keyboard entry against password characters will be accepted.
So, entering correct password depends upon the typing accuracy of the user. By default, password policy for Linux OS is set to the following aspects :-
- Minimum 8 characters.
- Special characters should be used.
- Numbers should be used randomly. No continuous numbers will be accepted.
- Letters should be mix of capital and small cases.
- User name should not be included in any portion of of password.
- Recommendation from the Writer. First letter should be capital.
Supporting Commands being used for applying Passwd Command in Linux
To View List of Existing Users
ls /home/
Switch to Other User
su [username]
Switch to Root User
su
Read a File
cat
To know in which User Account you are presently Logged-in
whoami
Loggin-off User Account
exit
Password Management Files of the System
The following files of the system are available for all the password related information. The files can be seen by the use of “cat” command.
- /etc/passwd – All the information of User Account.
- /etc/shadow – All the information of Secure User Account.
- /etc/pam.d/passwd – PAM configuration applied on the password
Getting User Details before applying Passwd Command in Linux
All the user accounts are being created under the “/home” directory of the system. Therefore, on applying command to view list of “/home” directory {ls /home}, it has been shown that there are total four regular user of the system, those are “babu“, “bilwadal“, “prateek” and “suraj“. Presently, the user “babu” is logged in with the system.
Using Passwd Command in Linux
passwd
Current password:
New password:
Retype new password:
Description : When user want to change his password, then firstly the current password to be asked by the system to confirm whether you are the right person of this user account. After entering the current password, you will ask to enter and re-enter new password. On entering new password followed by the password policy, the password of the user account will be changed and a confirmation phrase will be shown.
Not Following Password Policy for Passwd Command in Linux
passwd
Current password:
New password:
Retype new password:
Description : When user try to change password without using password policy, system deny to change the password and show an error regarding the issue. After applying request for changing password, if you want not to change password or you are getting error, anytime you can quit that request by pressing Ctrl+C.
Use of Passwd Command in Linux for Changing Password of Root and Other Users
Switch to Root User
su
Description: Switch to Root user is only possible if the user switching to the Root user, knows the password of Root Account. As per the diagram, after entering the password of the Root account, the user switched over to Root User.
Applying Passwd Command in Linux According to Password Policy
passwd prateek
New password:
Retype new password:
Description : Now, the current password is not being asked by the system, since the password is being changed by the administrator itself i.e., by the root user. On accurate entry of password with implication of password policy, the password will be changed successfully and a confirmation will be shown.
Applying Passwd Command in Linux Not According to Password Policy
passwd prateek
New passwd:
Retype new password:
Description: Even after entering the easy password, not according to password policy, an error of bad password will be shown but, still the system will ask to re-confirm a new password. And, after confirming, the easy password will also be accepted by the system, since the root user is changing user password in Linux.
Changing Root Password in Linux
passwd
New password:
Retype new password:
Description : In similar way, passwd command in linux may be applied for changing Root user password. Only the difference is the name of user is not required after entering the “passwd” command. On entering easy password, an alert will be shown but the password will be accepted if re-typed the same easy password.
Changing User Password in Linux by Sudo User
sudo passwd prateek
Description : First of all you have to switched to a Sudo user. After that you can change password of any user like changing password from root user. Here, also on entering easy password, an alert message will be shown but the password will be accepted on re-entering the same easy password.
Try to Change Password from any User Like Sudo User
sudo passwd prateek
Description : You will be asked to enter the password of sudo user from where you are trying to change password of user “prateek“. If the present user account will not a part of sudo user, system will deny to accept your request.
Use of Options with Passwd Command in Linux
A number of options are also available for use with Passwd Command in Linux. The following table will derive the useful options that can be used with passwd command in linux.
Command with Options | Description of Output of the Command |
---|---|
passwd -d babu | Deleting a password can be possible by the root or sudo user. |
passwd -l babu | Locking password can be possible by the root or sudo user. After locking, the user cannot logged-in with his user account even he enters correct password. |
passwd -u babu | Unlocking password can be possible by the root or sudo user. After unlocking, the password may be deleted. So, the new password may be set for the user by root user. |
passwd -e babu | This command will be used when administrator think to expire the password of a user so that the user has to forcefully set a new password on the time of logging-in with his user account. |
passwd -x 30 babu | When there is a requirement of expiring password of a user automatically after a period (30 days in this example), -x option will be used followed by the number of days. Only root or sudo user can perform this task. After 30 days, the password will automatically expire and system will ask the user to set new password by force. |
passwd -n 5 babu | This command will set minimum age of password for a user. This means before completion of 5 days (as per example), the password cannot be changed even by the user from his user account. |
passwd -w 3 babu | As per above example, a warning regarding password expiry will be shown to the user just before 3 days of actual date of expiry of password. Means, if password maximum lifetime set for 30 days, then according to above command, after 27 days, the user will see the message about expiry of password after 3 days at the time of logging-in with his user account. |
passwd -i 10 babu | After 10 days of expiration of the password, if the password will not changed, the user account will be inactive automatically. |
Use of More Important Options with Passwd Command in Linux
View Password Status of User Account
passwd -S babu
Description : The status of password of the given user will be shown. To view password information of all the account, the option “-Sa” may be used with “passwd” command. The output of password status is as under :-
- 1st word – User Name
- 2nd word – Password status (PS – Password Set, LK – Password locked, NP – No Password)
- 3rd word – Date on which password changed
- 4th Number – Minimum password age
- 5th Number – Maximum password life
- 6th Number – Number of days before warning for change of password will show
- 7th Number – Days after expiring the password, the user account will become inactive
Changing User Password with Authentication Key
passwd -k babu
Description : The password will only be changed if proper password policy applied even for the root user also.
Changing User Password without any Interruption
passwd –stdin babu
Description : The password will be changed with one time entry only. No re-entry will be asked. Also visual confirmation of correctness of input password is possible.
Getting Help regarding Passwd Command in Linux
passwd -?
passwd –help
Description : You can view and read all the available password options.
You can also visit at the following links to read more on Linux :-