Changing passwords in Linux is a basic task that every user should know. Whether you’re updating credentials to improve security or resetting credentials for a coworker, knowing the right approach can ensure the integrity and security of your Linux environment. Let’s explore the steps to change your password on a Linux system while following security best practices.
Why change your password?
Regularly updating your passwords protects your system from unauthorized access. Situations that require a password change include:
Security vulnerability Or the account has been compromised.
Regular updates as part of organizational policy.
Grant or revoke access to different users.
By learning the methods outlined below, you will gain greater control over your user accounts and system security.
Change your own password
Linux uses the passwd command to simplify password changes for users. Here’s how:
-
Open the terminal.
-
type:
.passwd
-
Enter your current password when prompted.
-
Provide a new password, making sure it meets the system’s complexity requirements.
-
Re-enter the new password to confirm.
Once completed, Linux will immediately update your credentials.
Password complexity tips:
.Mix uppercase, lowercase, numbers, and special characters.
.Avoid using dictionary words or predictable patterns.
.Create a password that is at least 12 characters long for added strength.
Change other users’ passwords (requires administrator rights)
System administrators can update other users’ passwords using the passwd command followed by the username:
- Open a terminal and gain root privileges by typing:
sudo -i
- Use the following command to change a user’s password:
.passwd username
Replace username with the account name of the target user.
- Enter your new password when prompted.
- Confirm your password to complete the change. For security reasons, administrators should always notify users to change their passwords after first logging in.
Force password update
Linux allows administrators to enforce password policies. For example, you can require users to change their password the next time they log in:
- Use chage directive:
sudo chage -d 0 username
Replace the username with the target account name.
- The user will be prompted to set a new password during the next login session.
Check password expiration policy
View a user’s password policy:
sudo chage -l username
This displays details such as expiry date, minimum/maximum period, and warning period.
Reset forgotten password
If a user forgets their password, administrators can reset it using the following steps:
- Open a terminal and gain root privileges.
- Reset password:
.passwd username
- Notify users to log in immediately and set a secure password.
If you forget your root password, you need to boot into recovery mode or single user mode to reset it. This process varies between Linux distributions, but usually involves temporarily editing startup parameters.
Automated password policy
For environments with multiple consumers, it is best to automatically enforce password policies:
- Edit the /etc/login.defs file to configure system-wide password settings, for example:
.Minimum password length:
.PASS_MIN_LEN 12
.Password expired:
.PASS_MAX_DAYS 90
- Use Pluggable Authentication Modules (PAM) to implement high-level policies. For example, use the pam_pwquality module to configure password strength:
.sudo nano /etc/security/pwquality.conf
Adjust parameters such as minlen=12 and dcredit=-1 to enforce complexity rules.
Password Management Best Practices
.Enable two-factor authentication (2FA): Add an extra layer of security.
.Use a password manager: Protect and generate complex passwords.
.Avoid sharing accounts: Each user should have separate credentials.
in conclusion
Mastering password management is crucial for every Linux user. Whether you’re updating your passwords, managing user accounts, or enforcing security policies, these steps will ensure your systems remain secure and efficient. Take control of your Linux environment and adopt strong security practices today!