Chapter 4. User, Group and Permission

Passwd (Set Password)

Passwd (Set Password)
Tag:
course iconBack to the course page

The passwd (PASSWorD) command is used to set up or change the user password. When you create a new password, you need to run it with superuser privileges. Once a password is generated, the user can log in to the system. The user can change the password with this command. With this command, the superuser (or sudoers) can control users' login (e.g., lock and unlock the user's account, delete or overwrite the user's password, set password expiry, etc.)

Creating a new password by the superuser

After creating a new user, you can create a password for the user. To create a new password, run the command with the superuser account or use the sudo prefix command like the one below.

Command Line - INPUT
sudo passwd user_a

You'll be asked a password twice to create a new password.

Command Line - INTERACTIVE
New password: 
Retype new password: 
passwd: password updated successfully

Change a password by the user

A normal user can also change their password itself. Let's go through the process using user_a created.

To see how to change a password, first, switch to user_a. You need to type a password to switch to user_a. To confirm that user_a is the current user, run the id command. The id command gives you the current user's user ID and group ID.

Command Line - INPUT
su user_a
Command Line - INTERACTIVE
Password:
Command Line - INPUT
id
Command Line - RESPONSE
uid=1001(user_a) gid=1001(user_a) groups=1001(user_a)

To change the user_a's password, run the passwd command. You need to type the current password followed by a new password twice.

Command Line - INPUT
passwd
Command Line - INTERACTIVE
Changing password for user_a.
Current password: 
New password: 
Retype new password: 
passwd: password updated successfully

Manage account login

The superuser (root) has privileges to manage user passwords. For example, the superuser (or sudoers) can overwrite a user's password without typing the user's current password like in the example below.

Command Line - INPUT
sudo passwd user_a
Command Line - INTERACTIVE
New password: 
Retype new password: 
passwd: password updated successfully

There are other actions the superuser (or sudoers) can do

  • -d : delete a normal user's password
  • -l: lock a user's account
  • -u : unlock a locked user's account
  • -e: make a user's password expire

Here is an example of locking and unlocking a user.

-l option

You can see that authentication failure when trying to switch to user_a after locking the account using the -l option.

Command Line - INPUT
sudo passwd -l user_a
Command Line - RESPONSE
passwd: password expiry information changed.
Command Line - INPUT
su user_a
Command Line - INTERACTIVE
Password: 
su: Authentication failure

-u option

Using the -u option, you can unlock the user.

Command Line - INPUT
sudo passwd -u user_a
Command Line - RESPONSE
passwd: password expiry information changed.
Command Line - INPUT
su user_a
Command Line - INTERACTIVE
Password:
$

After typing the password, you can switch to user_a.

-e option

Here is an example of a user's password expiration. You can see that you need to change the password to user_a when you switch the user account to user_a.

Command Line - INPUT
sudo passwd -e user_a
Command Line - RESPONSE
passwd: password expiry information changed.
Command Line - INPUT
su user_a

First, the command line will ask for the current password of user_a.

Command Line - INTERACTIVE
Password:

After typing the password, the command line will ask to change the password.

Command Line - INTERACTIVE
You are required to change your password immediately (administrator enforced)
Changing password for user_a.
Current password: 
New password: 
Retype new password:

The passwd (PASSWorD) command is used to set up or change the user password. When you create a new password, you need to run it with superuser privileges. Once a password is generated, the user can log in to the system. The user can change the password with this command. With this command, the superuser (or sudoers) can control users' login (e.g., lock and unlock the user's account, delete or overwrite the user's password, set password expiry, etc.)

Creating a new password by the superuser

After creating a new user, you can create a password for the user. To create a new password, run the command with the superuser account or use the sudo prefix command like the one below.

Command Line - INPUT
sudo passwd user_a

You'll be asked a password twice to create a new password.

Command Line - INTERACTIVE
New password: 
Retype new password: 
passwd: password updated successfully

Change a password by the user

A normal user can also change their password itself. Let's go through the process using user_a created.

To see how to change a password, first, switch to user_a. You need to type a password to switch to user_a. To confirm that user_a is the current user, run the id command. The id command gives you the current user's user ID and group ID.

Command Line - INPUT
su user_a
Command Line - INTERACTIVE
Password:
Command Line - INPUT
id
Command Line - RESPONSE
uid=1001(user_a) gid=1001(user_a) groups=1001(user_a)

To change the user_a's password, run the passwd command. You need to type the current password followed by a new password twice.

Command Line - INPUT
passwd
Command Line - INTERACTIVE
Changing password for user_a.
Current password: 
New password: 
Retype new password: 
passwd: password updated successfully

Manage account login

The superuser (root) has privileges to manage user passwords. For example, the superuser (or sudoers) can overwrite a user's password without typing the user's current password like in the example below.

Command Line - INPUT
sudo passwd user_a
Command Line - INTERACTIVE
New password: 
Retype new password: 
passwd: password updated successfully

There are other actions the superuser (or sudoers) can do

  • -d : delete a normal user's password
  • -l: lock a user's account
  • -u : unlock a locked user's account
  • -e: make a user's password expire

Here is an example of locking and unlocking a user.

-l option

You can see that authentication failure when trying to switch to user_a after locking the account using the -l option.

Command Line - INPUT
sudo passwd -l user_a
Command Line - RESPONSE
passwd: password expiry information changed.
Command Line - INPUT
su user_a
Command Line - INTERACTIVE
Password: 
su: Authentication failure

-u option

Using the -u option, you can unlock the user.

Command Line - INPUT
sudo passwd -u user_a
Command Line - RESPONSE
passwd: password expiry information changed.
Command Line - INPUT
su user_a
Command Line - INTERACTIVE
Password:
$

After typing the password, you can switch to user_a.

-e option

Here is an example of a user's password expiration. You can see that you need to change the password to user_a when you switch the user account to user_a.

Command Line - INPUT
sudo passwd -e user_a
Command Line - RESPONSE
passwd: password expiry information changed.
Command Line - INPUT
su user_a

First, the command line will ask for the current password of user_a.

Command Line - INTERACTIVE
Password:

After typing the password, the command line will ask to change the password.

Command Line - INTERACTIVE
You are required to change your password immediately (administrator enforced)
Changing password for user_a.
Current password: 
New password: 
Retype new password:
Tag:
course iconBack to the course page
check recently viewed topics (history)
history
check bookmarked topics
Library
give rating and feedback
rating
share a URL via email or chat app
Share
check recently viewed topics (history)
history
check bookmarked topics
Library
give rating and feedback
rating
share a URL via email or chat app
Share