How to change User password in Linux Server

How to change User password in Linux Server (CentOS, Redhat, Ubuntu, Debian Servers)

 
On Linux servers, we use ‘passwd’ command to set and change the password of the user. On CentOS servers, passwd command is installed by default and it is provided by the ‘passwd’ package.

 

# rpm -qa | grep passwd
passwd-0.79-4.el7.x86_64
 
Linux root user can change password of any user on the server by using the ‘passwd’ command. Non-root users cannot change password of other users on the server, they can only change their own password.

The password of a user is saved in the /etc/shadow file on Linux servers. Passwords are saved in encrypted format in shadow file so even the root user can’t view the password in text format.

Best practices :

1. Never store user password in text files. Always save the password in encrypted format.

2. Hackers might try to crack the user password if firewall is not installed on your server, so always set a strong password for the Linux user. Use a combination of upper case letter, lower case letter, numbers and special character when you set the password.

3. Linux user password should be more than 8 characters. You might see the warning “BAD PASSWORD: The password is shorter than 8 characters” if you set a short password for the user.

Example :
 

# passwd
Changing password for user root.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
 
4. You will see error “BAD PASSWORD: The password fails the dictionary check – it is based on a dictionary word” if you try to set a dictionary word as password. You must never set dictionary words as user password.

example :

 

# passwd
Changing password for user root.
New password:
BAD PASSWORD: The password fails the dictionary check – it is based on a dictionary word
Retype new password:

 

How to change password of root user

 
Step 1: Log into server as ‘root’ user

Step 2: Type the command ‘whoami’ to make sure you are logged in as ‘root’ user

 

# whoami
root

 

Step 3: Type the ‘passwd’ command in terminal to change the root password.

Users with ‘sudo’ privilege can change the password of other users in the server using command ‘sudo passwd [username]’

 

# passwd
Changing password for user root.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

 

You can also run the command ‘passwd root’ to change the root password.

 

# passwd root
Changing password for user root.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

 

When you run the passwd command, you will see a ‘New password:’ prompt to enter the new password of the user.

 

How to change password of a non-root Linux user as ‘root’ user

 

Root user can change the password of other users on the server.

Step 1 : Log into Linux server as ‘root’ user

Step 2 : Run the command ‘passwd [username]’ to change the password of user

Example :

Run the below command to change the password of user ‘sam’

 

# passwd sam
Changing password for user sam.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

 

Steps to change password when you are logged in as user

 

When you login as ‘user’ and try to change the password, it will ask for ‘Current UNIX password’.

Step 1 : Run the command ‘whoami’ see the logged in username.

 

$ whoami
sam

 

Step 2 : Enter a password that is not similar to old password.

If you enter the password that is similar to the current one then you will see the error “BAD PASSWORD: The password is too similar to the old one”.

Step 3 : Just type the ‘passwd’ command in the terminal.

Example :

 

$ passwd
Changing password for user sam.
Changing password for sam.
(current) UNIX password:
New password:
Retype new password:
passwd: all authentication tokens updated successfully.