Change Your Linux Password: A Beginner’s Guide

Key takeaway: Changing a Linux password is a relatively simple process — but only if you are aware of what you are doing. However, for novices, navigating through the complex terminal interface can be daunting. Fortunately, you can use the passwd command in Linux to change the password.

However, you’re not limited to using the command line utility only. Linux offers diverse approaches for password modifications, spanning command-line utilities and graphical user interfaces (GUIs).

In this guide, we’ll explore various techniques for changing passwords in Linux, along with instructions on modifying another user’s password and enforcing a password reset.

Prerequisites

Below, I have shared a couple of prerequisites that are not essential but good to have –

  • Linux Machine – While this tutorial references Ubuntu 22.04 LTS, the procedures are applicable across various Linux distributions. The only difference you may notice is in the GUI method, but even there the basic steps remain consistent.
  • sudo Privilege – You don’t need sudo privilege if you are trying to change the password of your own account. But if you want to change the password of somebody else, you would need it.

Change Linux Password Using GUI

The graphical user interface (GUI) method is most suitable for those new to Linux.

While the exact steps for changing passwords using GUI may vary among different distributions, the basic process remains generally consistent.

Below are the steps for changing the password on Ubuntu 22.04 LTS –

  • First of all, open the Activities overview by clicking on the grid of dots located in the bottom left corner.
  • Type Users in the search bar and select the Users option when it appears. It may ask you to authenticate by entering your password. Do that.
  • Choose the user account for which you wish to change the password (if changing for another user).
  • Click on the dots (…) next to Password.
  • Enter your current password, followed by the new password twice (once in each field). You can use the eye icon next to the password fields to see what you’re typing.
  • Click on the Change button to apply the new password.

Change Password in Linux Command Line Using Terminal

Performing administrative tasks on Linux often involves using the Terminal, and resetting passwords is no exception.

While the GUI provides a straightforward approach, it’s worth noting that its consistency across different Linux distributions can vary.

In contrast, terminal commands offer a standardized method across all distributions, whether you’re changing your own password, resetting another user’s password, or recovering a forgotten root account password.

To change your user account password, follow these steps –

  • First of all, launch the Terminal.
  • Type the passwd command and hit Enter to initiate the password change process.
  • You’ll be asked to enter your current password. Type that and hit Enter.
  • You’ll then be asked to enter the New Password. Type it and hit Enter.
  • Retype the new password and press Enter to confirm.

If the passwords match, the system will update the password, and you should receive a confirmation message.

Changing the Password of a Different User

It’s common practice to have multiple user accounts on a Linux system, especially on servers, and occasionally, users may require their Linux passwords to be reset.

To reset a password in Linux for a user other than root, you can utilize the passwd command followed by the username of that user.

For instance, let’s assume you have a user account with their username as username, and you need to change their password.

In that scenario, you need to follow these steps –

  • First of all, fire up the Terminal.
  • Next, execute the following command.
    sudo passwd username
    Here, sudo grants superuser privileges to execute the subsequent passwd command, while username represents the target user’s username.
  • Upon prompt, you need to enter the sudo account password and hit Enter, confirming your intent to run the command as a superuser.
  • After that, you will be asked to enter the new password. Do that.
  • Retype the new password and press Enter to confirm.

Upon successful confirmation, you’ll receive a notification indicating that the password has been updated successfully.

It’s important to note that until the user changes their password, you are the only one who knows it and can access their user account, which could be an issue and a potential security risk.

To mitigate this, you should immediately expire the user’s new password, prompting them to change it during their next login attempt.

To enforce a password change upon the user’s next login, execute the following command in the Terminal, utilizing the -e parameter to promptly expire the new password:

sudo passwd username -e

You can then provide the user with the new (temporary) password and tell them to change the password during their next login for enhanced security.

Changing Linux Password for Multiple Users

If you’re tasked with updating passwords for multiple users in Linux, you can leverage the chpasswd tool, designed specifically for batch password changes.

Follow these steps to change Linux passwords for multiple users:

  • Launch the Terminal and run the command sudo chpasswd.
  • Input the usernames and their corresponding new passwords using the following format to specify the changes for each user.
<user_1>:<new_password_for_user_1>
<user_2>:<new_password_for_user_2>
<user_3>:<new_password_for_user_3>

Once all the changes are entered, press CTRL + D on your keyboard to execute and apply changes.

Changing Group Password in Linux

Although group passwords are not common in Linux, they are used for specific purposes. These are generally used when permissions and access controls are primarily managed through user accounts and group memberships, each associated with its password.

In such a case, if you want to change a group password in Linux, you can use the gpasswd command followed by the name of the group.

Here are the steps that you need to follow –

  • Open the Terminal.
  • Execute the following command.
    sudo gpasswd groupName
    Here, you need to replace groupName with the name of the group. The command then prompts you to enter the new group password and to retype it. Because the password is typed at the prompt and not passed as an argument, it does not end up in the shell history or the process list.

Besides that, you will need administrative access to make such changes, which is why the command is run with sudo.

gpasswd Command Options

The gpasswd command in Linux offers various options for managing group passwords and memberships.

Here, I have listed all of the available options –

  • -a, --add USER: Adds a user to a specified group
  • -d, --delete USER: Removes a user from a specified group
  • -A, --administrators ADMIN: Sets group administrators
  • -M, --members MEMBERS: Sets the list of group members
  • -R, --restrict: Restricts group membership to the members specified with the -M option
  • -r, --remove-password: Removes the group password
  • -P, --password: Sets the group password
  • -S, --sync: Synchronizes the members of a group

Change the Linux User Password Without the Old One

Sometimes, situations arise when you need to change the password of a user because they have forgotten their login credentials. This process is straightforward, particularly when logged in as a root or sudo user, granting access to the passwd [username] command for password alteration.

It’s important to note that non-root sudo users have to use the sudo passwd command instead, and they have to provide their sudo password to execute the command successfully.

However, complications may arise if the system utilizes LDAP authentication, as the command might necessitate the forgotten password of the user in question.

For instance, suppose you have to update the password for a regular user named Mark. After executing the sudo passwd Mark command in the terminal, you’ll be asked to enter Mark’s current password.

To get out of such a situation, you can change the password directly within the /etc/shadow file.

Disclaimer – Although it is technically possible to change another user’s password by directly modifying the /etc/shadow file, it’s not recommended due to security risks and the complexity involved in handling password hashing. The /etc/shadow file contains hashed passwords and other user account information, and any incorrect modification can lead to system instability or compromise.

Having said that, if you still need to proceed, do so with caution and follow these steps –

  • Before making any changes, it’s essential to create a backup of the /etc/shadow file. This ensures that you can revert to the original state if anything goes wrong. You can use the cp command to create a backup.
    sudo cp /etc/shadow /etc/shadow.backup
  • Determine the username of the user whose password you want to change.
  • Open the /etc/shadow file using a text editor with root privileges, such as sudo nano or sudo vi. Locate the entry corresponding to the user whose password you want to change.
  • In the /etc/shadow file, each line represents a user account, and the password field (the second colon-separated field) contains the hashed password. Replace the existing hashed password with the new hashed password. The hashed password should be generated using the crypt function or another suitable method.
    Note: Generating hashed passwords manually can be complex and error-prone. It’s recommended to use a tool or utility that handles password hashing securely.
  • After making the necessary modifications, save the changes to the /etc/shadow file and exit the text editor.
  • Attempt to log in to the user account with the new password to verify that the changes were successful.
  • Keep an eye on system logs and monitor for any unexpected behavior or errors that may arise following the password change.

Again, remember that modifying system files like /etc/shadow directly can have significant implications for system security and stability. Therefore, exercise caution and ensure that you have a thorough understanding of the processes involved before proceeding.

Whenever possible, it’s best to use standard system utilities like passwd to manage user passwords.
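
The manual /etc/shadow edit described above fails most often because of a malformed line or a password field that is not a hash. The following check is an added example, not part of the original article; the function name, the sample entries for a user called mark, and the decision to reject MD5-crypt hashes are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Checks a replacement /etc/shadow line before it is saved.
# Layout: name:hash:lastchg:min:max:warn:inactive:expire:reserved (9 fields).
# The hashes below are constructed placeholders, not real password hashes.
# A real SHA-512 crypt string can be produced with: openssl passwd -6
GOOD_ENTRY='mark:$6$constructedsalt$CONSTRUCTEDHASHVALUE:19800:0:99999:7:::'
PLAIN_ENTRY='mark:NewPassword123:19800:0:99999:7:::'
EMPTY_ENTRY='mark::19800:0:99999:7:::'
SHORT_ENTRY='mark:$6$constructedsalt$CONSTRUCTEDHASHVALUE:19800:0:99999:7'

# check_shadow_entry USER LINE
# Prints "ok" or the reason for rejection; exit status is 0 only when accepted.
check_shadow_entry() {
    printf '%s\n' "$2" | awk -F: -v user="$1" '
    NF != 9       { print "expected 9 fields, got " NF; exit 1 }
    $1 != user    { print "entry belongs to " $1; exit 1 }
    $2 == ""      { print "empty password field allows login without a password"; exit 1 }
    $2 ~ /^[!*]/  { print "ok (password login disabled)"; exit 0 }
    $2 ~ /^\$1\$/ { print "MD5-crypt hash is too weak"; exit 1 }   # example policy
    $2 !~ /^\$(5|6|y|2[aby])\$[^$]+\$/ { print "password field is not a crypt hash"; exit 1 }
    {
        # Aging fields (3 to 8) must be empty or whole numbers.
        for (i = 3; i <= 8; i++)
            if ($i !~ /^[0-9]*$/) { print "field " i " is not a number"; exit 1 }
        print "ok"
    }'
}

# Demo run over the constructed entries.
for e in "$GOOD_ENTRY" "$PLAIN_ENTRY" "$EMPTY_ENTRY" "$SHORT_ENTRY"; do
    check_shadow_entry mark "$e" || true
done
```

On systems with shadow-utils, vipw -s opens /etc/shadow with file locking, and pwck reports format problems in the saved file.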

Force User to Change Password at Next Login

What if you are in a situation where one of your users hasn’t changed his password for a while or is reusing the same one across multiple platforms? Well, that’s a bad situation, especially in terms of security.

By default, passwords in Linux are configured to never expire. Therefore, you need to manually ask users to change their password or you can manually expire their current password.

To prompt a user to change their password upon their next login, you can utilize the passwd command with the --expire option followed by the username of the user.

For instance, you can have a look at the following command –

sudo passwd --expire username

Here, you need to replace username with the username of the user.

Upon the user’s next login attempt using their old password, they’ll encounter a message prompting them to change their password.

The message will appear something like this –

WARNING: Your password has expired.
You must change your password now and login again!
Changing password for username.
(current) UNIX password:
Enter new UNIX password:
Retype new UNIX password:

After the user changes their password, the session will be terminated immediately, and they’ll be able to log in using their newly updated password.

Check Linux User Password Change Status

Now that you’re acquainted with using the passwd command to manage user passwords in Linux, did you know you can also utilize it to check when a specific user last changed their password?

It’s a valuable practice, and you can easily obtain this information by executing the passwd -S username command.

The result you will receive after executing this command will be something like –

username P 03/21/2022 0 99999 7 -1

Here,

  • username: Represents the login or account name.
  • P: Indicates the password status. For instance, ‘P’ means the user has a usable password. ‘L’ indicates a locked password for the user account, while ‘NP’ means no password is set.
  • 03/21/2022: Shows the date of the last password change.
  • 0: Represents the minimum age for the user’s password.
  • 99999: Reflects the maximum age for the user’s password.
  • 7: Specifies the warning period for the password. This indicates the number of days given to the user to change their password before it expires and their account becomes locked, as detailed in the subsequent field.
  • -1: Denotes the number of days after a password expires before it is locked.

Remember to replace the username with the actual username when using this command. This information offers valuable insights into the password-related settings for the specified user.
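
The status fields explained above can be checked for every account at once. The following script is an added example, not part of the original article; the function name, the sample accounts and the cutoff date are assumptions, and it expects the seven-field layout with MM/DD/YYYY dates shown above.

```shell
#!/bin/sh
# Added example. Audits `passwd -S` lines in the layout shown above:
#   name status last-change(MM/DD/YYYY) min max warn inactive
# Constructed sample accounts, not output from a real system.
SAMPLE_STATUS='alice P 03/21/2022 0 99999 7 -1
bob NP 01/15/2024 0 90 7 -1
carol P 02/01/2024 0 90 7 30
dave L 06/30/2021 0 99999 7 -1
erin P 01/01/1970 0 90 7 -1'

# audit_passwd_status CUTOFF   (CUTOFF is a date written as YYYYMMDD)
# Reads status lines on stdin and prints one "user: finding" line per issue.
audit_passwd_status() {
    awk -v cutoff="$1" '
    NF == 0 { next }
    NF != 7 { print $1 ": unrecognised status line"; next }
    {
        split($3, d, "/")            # MM/DD/YYYY
        changed = d[3] d[1] d[2]     # YYYYMMDD, comparable as a number
    }
    $2 == "NP" { print $1 ": no password set"; next }
    $2 == "L"  { next }              # locked: password login is disabled
    # Assumption: a password expired with passwd -e has last-change day 0,
    # which this date format prints as 01/01/1970.
    changed == "19700101" { print $1 ": must change password at next login"; next }
    $5 == 99999 { print $1 ": password never expires" }
    changed + 0 < cutoff + 0 { print $1 ": password unchanged since " $3 }
    '
}

# On a live system: sudo passwd -S -a | audit_passwd_status 20230101
printf '%s\n' "$SAMPLE_STATUS" | audit_passwd_status 20230101
```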

Best Password Security Practices

Having a robust password is essential for safeguarding your system against unauthorized access.

Here, I have shared some of the tips to ensure you have a strong and powerful password –

  • Length: Forget the 8-character minimum, aim for 12 or more. The longer, the harder to crack.
  • Mix it Up: Incorporate a combination of uppercase and lowercase letters, numbers, and special characters. This diversifies the password’s complexity, making it more challenging to decipher through brute-force methods.
  • Use Passphrase: Remembering passwords can be a task, and that’s where passphrases can be a lifesaver. For example, “MyDogLovesPeanutButter#123!” is way stronger (and cuter) than “P@ssw0rd1”.
  • Uniqueness: Create different passwords for each account or service you utilize. Reusing passwords across multiple accounts can cause serious complications in the event of one account being breached.
  • Periodic Password Changes: Establish a routine for changing your password at regular intervals, such as every 90 days. Regular updates mitigate the risk of prolonged compromise.
  • Implement Two-Factor Authentication (2FA): Introduce an additional layer of security by mandating a second form of authentication, such as a temporary code generated by a mobile app or sent via SMS.
  • Maintain System Updates: Consistently apply the latest security patches and updates to your Linux system. This practice minimizes vulnerabilities that malicious actors could exploit, bolstering overall system resilience.

Conclusion

There you have it – a comprehensive guide outlining various methods for changing passwords in Linux.

Maintaining a secure Linux system involves periodically updating your password.

By following the straightforward steps outlined in this article, you can efficiently modify your password to meet strength and complexity requirements.

Ensure your password is lengthy, distinct, and avoids common words or personal details to enhance security.

Additionally, consider implementing regular password updates, employing two-factor authentication, and utilizing password management tools to further bolster system security.

With that said, here I am wrapping up this article. If you have any questions, feel free to shoot them in the comment section below.


Authored by Rohit Sharma
Rohit holds 7+ years of experience in freelance blog writing. He is a Computer Science Engineer, but his love and passion for reading and writing about technology made him choose the path of freelance tech writing. Besides, he also holds 3+ years of experience in SEO editing and planning.