How to Change User Password in Linux

Updated 

3 min read

This tutorial will show you how to change a user password in Linux. We will also cover how to force a user to change their password the next time they login. The examples provided in the tutorial should work with any Linux distribution.

Introduction

To change the password of a user account in Linux you can use the passwd command. The encrypted users’ passwords as well as other passwords related information are stored in the /etc/shadow file.

As a normal user, you can only change your own password. The root user and users with sudo privileges can change another user’s passwords and define how that user’s password can be used or changed.

When changing the password make sure you’re using a strong and unique password. Having a strong password is the most important thing you can do to secure your account. Often a strong password has at least 16 characters, use at least one uppercase letter, one lowercase letter, one number and one special character.

Change Your User Password

To change your user’s account password run the passwd command without any options:

passwd

You will be prompted to enter your current password. If the password is correct, then you will be asked to enter and confirm the new password.

Passwords are not shown on the screen when you enter them.

The next time you log in to your system, use the new password.

Change Another User’s Password

As we mentioned in the introduction, only the root user and users with sudo accesses can change the password of another user account. The following example assumes that you are logged in as a user with sudo privileges.

To change the password of another user account, run the passwd command followed by the username. For example, to change the password of a user named linuxize, run the following command:

sudo passwd linuxize

You will be prompted to enter and confirm the new password:

Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully

Force User to Change Password at Next Login

By default, passwords are set to never expire. If you want to force a user to change their password the next time they log in, use the passwd command with --expire option followed by the username of the user:

sudo passwd --expire linuxize

The command above will immediately expire a user account’s password.

The next time the user tries to login with the old password they will be shown a message forcing them to change the password:

ssh linuxize@192.168.121.209
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for linuxize.
(current) UNIX password:
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Connection to 192.168.121.209 closed.

Once the user sets a new password the connection will be closed.

Conclusion

In this tutorial, you have learned how to change user’s passwords and how to set password expiry. For security reasons, it is recommended to update your password on a regular basis and use a unique password for each account.

You can find more information about the passwd command, on the Linux passwd man page.