passwd Command in Linux with Examples

This tutorial explains Linux “passwd” command, options and its usage with examples.

passwd – Allows you to change your password.

DESCRIPTION

The Linux passwd command is used to change the password for a user account. A user can only change the password of his/her account but the superuser can change the password of any account. Besides changing password, this command can change other information like password validity etc.

It is a good idea to change your password every month or at least every four months. Make sure you use combination of alphabets (upper and lower case characters), numbers, and special characters as a password to safeguard your account. You should choose a password of at least ten characters. Do not write down your username and password. Do not share your password or send anyone via email, even if the email or sysadmin requesting your password seems official.

SYNOPSIS

passwd
OR

advertisement
advertisement

passwd {userName}

OR

passwd [option] userNameHere

OPTIONS

-a
Show password attributes for all entries. Use only with the -s option; name must not be provided.

-d
Deletes password for name. The login name will not be prompted for password. It is only applicable to the files repository.

-l
Locks password entry for name.

-e
Change the login shell.

-f
Force the user to change password at the next login by expiring the password for name.

advertisement

-h
Change the home directory.

-n min
Set minimum field for name. The min field contains the minimum number of days between password changes for name. If min is greater than max, the user may not change the password. Always use this option with the -x option, unless max is set to -1 (aging turned off). In that case, min need not be set.

-s
Displays information including your username and if you do/don’t have a password (This command will not actually show the password.)

Below is the format the password information for the login id will be displayed:

name status mm/dd/yy min max warn

advertisement
name The login ID of the user.
status Status of the name:

   PS = Passworded
   LK = Locked
   NP = No Password

mm/dd/yy The month date and year that the password was last changed. This information is derived from the Greenwich Mean Time (Universal Time) and therefore may differ by as much as a day in some times zones.
min The minimum number of days between password changes.
max The maximum number of days the password is valid for the name.
warn The number of days relative to max before the passwd uses pam for password management.

w warn
Set warn field for name. The warn field contains the number of days before the password expires and the user is warned. This option is not valid if password aging is disabled.

-x max
Set maximum field for name. The max field contains the number of days that the password is valid for name. The aging for name will be turned off immediately if max is set to -1. If it is set to 0, then the user is forced to change the password at the next login session and aging is turned off.

name
Login ID of user

EXAMPLES

1. Change Your Own Password

The Unix will prompt you for your old password, ask for a new password, and force you to repeat your new password for verification. Please note that Unix passwords are case sensitive. The above command will change the password only on the computer or server you are currently using.

Changing password for abc.
(current) UNIX password:
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully

2. Change password of other account

For this root access is needed.

# passwd guest
Changing password for guest.
(current) UNIX password:
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully

3. Display the account status information

$ passwd -S
abc P 11/08/2013 0 99999 7 -1

The status information consists of 7 fields as follows:

abc : Account login name (username)
P : This field indicates if the user account has a locked password (L), has no password (NP), or has a usable password (P)
11/08/2013 : Date of the last password change.
0 : Password expiry minimum age
99999 : Password expiry maximum age.
7 : Password expiry warning period.
-1 : Inactivity period for the password

4. Delete an account password

# passwd -d guest
passwd: password expiry information changed.

-d option deletes the password by changing the password expiry information.

5. Immediately expire the account password

# passwd -e guest
passwd: password expiry information changed.

Once this is done, user will be forced to change the password the next time they log in.

6. Perform actions quietly

If we do not want the passwd command to output any extra information as output then we can choose to do so by using the -q option.

Consider the example below :

# passwd -eq guest
#

So we see that we used the -q option along with the expiry changer -e option. And when the command was run, there was no information produced in the output. So we see that -q made the passwd command to work quietly.

Sanfoundry Global Education & Learning Series – 1000 Linux Tutorials.

If you wish to look at all Linux commands and their usage examples, go to Linux Commands Tutorial.

If you find any mistake above, kindly email to [email protected]

advertisement
advertisement
Subscribe to our Newsletters (Subject-wise). Participate in the Sanfoundry Certification contest to get free Certificate of Merit. Join our social networks below and stay updated with latest contests, videos, internships and jobs!

Youtube | Telegram | LinkedIn | Instagram | Facebook | Twitter | Pinterest
Manish Bhojasia - Founder & CTO at Sanfoundry
Manish Bhojasia, a technology veteran with 20+ years @ Cisco & Wipro, is Founder and CTO at Sanfoundry. He lives in Bangalore, and focuses on development of Linux Kernel, SAN Technologies, Advanced C, Data Structures & Alogrithms. Stay connected with him at LinkedIn.

Subscribe to his free Masterclasses at Youtube & discussions at Telegram SanfoundryClasses.