How to manage user passwords from Terminal in Linux

Like many things on Linux, passwords are easily managed directly from the command line. The passwd utility is designed to allow you to quickly and easily access all password-related commands on the system. You can use it to change and manage your password and other user passwords on the system. In addition, you can use it to turn off password authentication for a specific user, lock user accounts and set the required password expiration time to keep the system safe. This article will show you how to use the passwd utility to manage passwords in Linux.

Change the password

First, the simplest job you can do with the passwd utility is to change your password with the passwd command only.

 passwd 

How to manage user passwords from Terminal in Linux Picture 1

It will ask you to provide your current password followed by your new password.

Change the password of another user

With root or sudo, you can also change someone else's password. You only need to provide the account username you want to change for passwd.

 sudo passwd username 

Note : Usename is the username

How to manage user passwords from Terminal in Linux Picture 2

With this command, you do not need to provide the current password. It only requires you to set up a new password.

Lock user account password

You can easily lock a user's account by locking their password. This will prevent them from logging in with a password. Other methods, like SSH keys, will still work. To lock an account, you will need sudo and -l flag.

 sudo passwd -l username 

You can also unlock your account with the -u flag.

 sudo passwd -u username 

Lock root permissions

If for security reasons, you want to block all access to the root account, so that sudo is the only way to manage the system, you can do that with the following command:

 sudo passwd -l root 

It works similarly to other users.

Do not use a password

You can also choose to set up user accounts without a password. But this is not a good idea for security, but you can avoid a lot of trouble like having a multimedia computer that you don't need to be secure that way. To do this, use passwd with a simple flag to delete the user password.

 sudo passwd -d username 

Set a time limit for user passwords

Setting a password deadline is quite common. This is a good security measure, preventing old users' passwords from entering the system. If you are running a business-based system, it is difficult to control their passwords and whether they will enter the system. Requiring them to change passwords after a certain period of time will force users to refresh their passwords and reduce the risk of violations.

How to manage user passwords from Terminal in Linux Picture 3

Use the -x flag followed by the number of days you want the user password to be valid.

 sudo passwd -x 30 usernames 

The above command sets the time when the user password will expire after 30 days.

How to manage user passwords from Terminal in Linux Picture 4

You can also set up a system to alert users that their password is about to expire. Use the -w flag with the number of days before it expires to automatically alert users to change their password.

 sudo passwd -w 5 username 

If you know there is a problem with the user's password, you can automatically make their password expire. This will force them to set a new password immediately.

 sudo passwd -e username 

Passwd is an invaluable tool for Linux administrators. Even if you don't run an enterprise server, you can still take advantage of passwd to keep your personal computer safer.

I wish you all success!

See more:

1. Secure passwords on UNIX and LINUX networks
2. 10 ways to generate random passwords in Linux from the command line
3. Turn off the Password Lock screen in Ubuntu