In this blog post, we will explain passwd command examples in Linux.
As the name suggests passwd command in linux is used to change and set password to system users. If the passwd command is executed by non-root user then it will prompt for the current password and then allows to set new password of a user who has invoked the command. Whenever passwd command is executed by super user or root then it can reset the password for any user including root without knowing the current password.
When we run passwd command to set user’s password then user’s encrypted password string is saved in /etc/shadow file.
Syntax
# passwd {options} {user_name}
Passwd Options
1) Changing Your Own Password
The simplest and most common use of the passwd command is to change your own password. To do this, open a terminal and type passwd.
When you logged in as non-root user like ‘linuxtechi’ in my case and run passwd command then it will prompt you to enter your current password, followed by the new password twice for verification. Keep in mind that while typing the new password, no characters will be displayed for security reasons.
[linuxtechi@localhost ~]$ passwd Changing password for user linuxtechi. Changing password for linuxtechi. (current) UNIX password: New password: Retype new password: passwd: all authentication tokens updated successfully. [linuxtechi@localhost ~]$
When you logged in as root user and run passwd command then it will reset root user password and if you specify the user-name after passwd command then it will change the password of that user, example is shown below,
[root@localhost ~]# passwd [root@localhost ~]# passwd linuxtechi
Note : A regular user can also change password of root and other users provided that user is having sudo privileges. Let’s assume sysops is sudo privilege user, to change password of other users and root user, type sudo in front of passwd command, examples is shown below.
$ sudo password root // this will change root User password $ sudo password linuxtechi //this will change password of linuxtechi user
2) Display User Status Information
To display user or account status information, use -S option in passwd command. User’s status information consists of seven fields as shown below.
[root@localhost ~]# passwd -S linuxtechi linuxtechi PS 2023-07-31 0 99999 7 -1 (Password set, SHA512 crypt.) [root@localhost ~]#
In the above output first field shows the user name and second field shows Password status ( PS = Password Set , LK = Password locked , NP = No Password ), third field shows when the password was changed and last & fourth field shows minimum age, maximum age, warning period, and inactivity period for the password
3) Read New Password from Standard Input
‘–stdin’ option in passwd command can read password from standard input.
# echo '<Password-String>' | passwd <Username> --stdin
In the following example, we are giving password as input to passwd command,
[root@localhost ~]# echo 'P@#0RD@34#' | passwd linuxtechi --stdin Changing password for user linuxtechi. passwd: all authentication tokens updated successfully. [root@localhost ~]#
Note: –stdin option in passwd command is supported in RHEL based distributions. For Ubuntu / Debian based linux distributions use following,
# echo -e “newpassword\nnewpassword” | passwd <username>
Example,
root@ubuntu:~# echo -e "P@sS#0rD@123#\nP@sS#0rD@123#" | passwd linuxtechi New password: Retype new password: passwd: password updated successfully root@ubuntu:~#
4) Delete User’s Password
To delete User’s delete password via passwd command use ‘-d’ option. In the following example, we are deleting the password of ‘linuxtechi‘ user.
[root@localhost ~]# passwd -d linuxtechi Removing password for user linuxtechi. passwd: Success [root@localhost ~]# [root@localhost ~]# passwd -S linuxtechi linuxtechi NP 2023-07-31 0 99999 7 -1 (Empty password.) [root@localhost ~]#
So we can say that ‘-d’ option will make user’s password empty and will disable account.
5) Forcing Password Change on Next Login
To ensure that a user changes their password immediately upon login, use the ‘passwd’ command with the ‘–expire’ or ‘-e’ option:
[root@localhost ~]# passwd -e linuxtechi Expiring password for user linuxtechi. passwd: Success [root@localhost ~]# passwd -S linuxtechi linuxtechi NP 1970-01-01 0 99999 7 -1 (Empty password.) [root@localhost ~]#
Now try login with linuxtechi user
6) Lock User’s Password
If you suspect unauthorized access or want to temporarily restrict a user’s access, you can lock their account using the ‘passwd’ command:
Use ‘-l’ option in passwd command to lock a user’s password, it will add “!” at starting of user’s password. A user can’t change it’s password when his/her password is in locked state.
[root@localhost ~]# passwd -l linuxtechi Locking password for user linuxtechi. passwd: Success [root@localhost ~]# [root@localhost ~]# passwd -S linuxtechi linuxtechi LK 2023-07-31 0 99999 7 -1 (Password locked.) [root@localhost ~]#
7) Unlock User’s Password
To unlock user’s password, use ‘-u’ option passwd command. Example is shown below,
[root@localhost ~]# passwd -u linuxtechi Unlocking password for user linuxtechi. passwd: Success [root@localhost ~]#
8) Set Inactive Days after Password Expiry
‘-i’ option in passwd command is used to set inactive days for a system user. This will come into the picture when the password of a user is expired and user didn’t change its password in ‘n’ number of days ( i.e 10 days in my case) then user will not able to login and its account will be disabled.
[root@localhost ~]# passwd -i 10 linuxtechi Adjusting aging data for user linuxtechi. passwd: Success [root@localhost ~]# passwd -S linuxtechi linuxtechi PS 2023-07-31 0 99999 7 10 (Password set, SHA512 crypt.) [root@localhost ~]#
9) Set Minimum Days to Change User Password
In Linux, we can force system users to change its password in n number of days using ‘-n’ option in passwd command.
In the below example, linuxtechi user has to change its password in 90 days. A value of zero shows that user can change it’s password in any time.
[root@localhost ~]# passwd -n 90 linuxtechi Adjusting aging data for user linuxtechi. passwd: Success [root@localhost ~]# [root@localhost ~]# passwd -S linuxtechi linuxtechi PS 2023-07-31 90 99999 7 10 (Password set, SHA512 crypt.) [root@localhost ~]#
10) Set Warning Days Before Password Expiry
‘-w’ option in passwd command is used to set warning days for a user. It means a user will be warned for n number of days that his/her password is going to expire. In the below example, we have set 12 warning days before expiry.
[root@localhost ~]# passwd -w 12 linuxtechi Adjusting aging data for user linuxtechi. passwd: Success [root@localhost ~]# passwd -S linuxtechi linuxtechi PS 2023-07-31 90 99999 12 10 (Password set, SHA512 crypt.) [root@localhost ~]#
That’s all from this post, I hope you have found it informative and useful. Kindly do post your queries and feedback in below comments section.
Read Also : 12 Useful ‘dmidecode’ Command Examples for Linux Admin
Great examples!
The following can be used to change user password using shell script.
echo -e "newpasswordnnewpassword" | passwd usernameecho -e “newpassword\nnewpassword” | passwd username
echo newpassword | passwd username –stdin
working on Redhat based platform (Fedora, CentOS, OEL, etc.)
Can i make same current asking policy for root when using passwd command as root????
Hi Abhi,
Yes, you can make the same password policy for root user but it is not recommended to implement on root.
What is difference between passwd and usermod command. Even passwd can do same things that usermod does. then please tell the actual difference between passwd and usermod command.
while using the command passwd ,
why it showing error after changing the password or enter new password