In this guide we’ll explain how to change a user password in Linux. We will also show you how to force users to change their password the next time they log in.

The instructions should work on any Linux distribution, including Ubuntu, Debian, and CentOS.

Introduction

In Linux, you can change the password of a user account with the passwd utility.

The encrypted users’ passwords, as well as other passwords related information, are stored in the /etc/shadow file.

As a regular user, you can only change your own password. The root user and users with sudo privileges can change another user’s passwords and define how the password can be used or changed.

When changing the password, make sure you’re using a strong and unique password.

Having a strong password is the most important thing you can do to secure your account. Often a strong password has at least 16 characters and contains at least one uppercase letter, one lowercase letter, one number, and one special character.

For security reasons, it is recommended to update your password on a regular basis and use a unique password for each account.

Change Your User Password

To change your own user’s account password, run the passwd command without any arguments:

passwd

You will be prompted to enter your current password. If the password is correct, the command will ask you to enter and confirm the new password.

Passwords are not shown on the screen when you enter them.

The next time you log in to your system, use the new password.

Change Another User’s Password

As we mentioned in the introduction, only the root user and users with sudo access can change the password of another user account.

The following example assumes that you are logged in as a user with sudo privileges.

To change the password of another user account, run the passwd command, followed by the username. For example, to change the password of a user named linuxize, run the following command:

sudo passwd linuxize

You will be prompted to enter and confirm the new password:

Enter new UNIX password:
Retype new UNIX password:

On success, the command will print something like this:

passwd: password updated successfully

Force User to Change Password at Next Login

By default, passwords are set to never expire. To force a user to change their password the next time they log in, use the passwd command with --expire option followed by the username of the user:

sudo passwd --expire linuxize

The command above will immediately expire the user password.

The next time the user tries to login with the old password, they will be shown a message forcing them to change the password:

ssh [email protected]
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for linuxize.
(current) UNIX password:
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Connection to 192.168.121.209 closed.

Once the user sets a new password, the connection will be closed.

Conclusion

In this tutorial, you have learned how to change user’s passwords and how to set password expiry.

You can find more information about the passwd command, by typing man passwd in your terminal or visiting the Linux passwd man page.

If you have any questions or feedback, feel free to leave a comment.