As we already know root is a super user that can do anything in Linux system.
It’s similar to Administrator user in Windows.
root (Super User) can change any user account password in Linux.
If you would like to change the root user password make sure you should become a root to perform it and you should have root privileges to perform it.
It can be done in two ways either passwd command or chpasswd command.
passwd command is native method to change the user password in Linux so, i also prefer to go with passwd command.
If you forgot the root password on CentOS/RHEL systems. Navigate to the following link to reset. To reset the forgotten root password on CentOS 6/RHEL 6 systems. To reset the forgotten root password on CentOS 7/RHEL 7 systems.
Type the passwd command alone in the terminal to change the root user password.
Enter the passwd command and followed by the user name to change the other users password.
When you use the passwd command, it will ask you to enter the password twice to change it.
For security reason you need to change your password frequently or at-least once in a month. Make sure you should use the hard and guess password (Alphabet Upper and Lower case letters, numbers and Special Characters (Symbols)) and your password length at-least 10-15 characters.
Method-1: Using passwd Command
The passwd command changes passwords for user accounts. passwd also changes the account or associated password validity period.
The user is first prompted for their old password, if one is present. This password is then encrypted and compared against the stored password.
The user has only one chance to enter the correct password. The superuser is permitted to bypass this step so that forgotten passwords may be changed.
After the password has been entered, password aging information is checked to see if the user is permitted to change the password at this time. If not, passwd refuses to change the password and exits.
The user is then prompted twice for a replacement password. The second entry is compared against the first and both are required to match in order for the password to be changed.
Syntax for passwd Command
passwd [Options] [UserName]
To Change the root user password.
# passwd Changing password for user root. New password: Retype new password: passwd: all authentication tokens updated successfully.
To change any other user password, type the corresponding username followed by the passwd command.
# passwd daygeek Changing password for user 2daygeek. New password: Retype new password: passwd: all authentication tokens updated successfully.
Use the below command to display the account status information.
# passwd -S daygeek daygeek PS 2019-01-13 0 99999 7 -1 (Password set, MD5 crypt.)
The status information consists of 7 fields as follows
2daygeek :Account login name (UserName)PS :This field indicates whether the user account is locked or not.Llocked password,NPUser account doesn’t have password andPSHas a usable password.2019-01-13 :Date of the last password change.0 :Password expiry minimum age.99999 :Password expiry maximum age.7 :Password expiry warning period.-1 :Inactivity period for the password
Run the below command to lock the user password.
# passwd -l daygeek Locking password for user daygeek. passwd: Success
Run the below command to check the user password. Yes, the password got locked which clearly showing LK in the below output.
# passwd -S daygeek daygeek LK 2019-01-13 0 99999 7 -1 (Password locked.)
Run the below command to unlock the user password.
# passwd -u daygeek Unlocking password for user daygeek. passwd: Success
The same has been verified by running the below command.
# passwd -S daygeek daygeek PS 2019-01-13 0 99999 7 -1 (Password set, MD5 crypt.)
Delete a user’s password (make it empty). This is a quick way to disable a password for an account. It will set the named account passwordless.
# passwd -S daygeek daygeek NP 2019-01-13 0 99999 7 -1 (Empty password.)
The same has been verified by running the below command.
# passwd -S daygeek daygeek PS 2019-01-13 0 99999 7 -1 (Password set, MD5 crypt.)
Method-2: Using chpasswd Command
The chpasswd command allow us to update passwords in batch mode. The chpasswd command reads a list of user name and password pairs from standard input and uses this information to update a group of existing users.
Make sure you should update the username and password in the following format.
UserName:Password
By default the passwords must be supplied in clear-text, and are encrypted by chpasswd. Also the password age will be updated, if present.
By default, passwords are encrypted by PAM. chpasswd first updates all the passwords in memory, and then commits all the changes to disk if no errors occurred for any user.
This command is intended to be used in a large system environment where many accounts are created at a single time.
There is no difference to update password for root or other users. We need to use the standard format for all users.
Run the following command to update the root user password using chpasswd command. Finally hit Ctrl+d to update the password and exit it.
# chpasswd root:root@123
Run the following command to update the daygeek user password using chpasswd command. Finally hit Ctrl+d to update the password and exit it.
# chpasswd daygeek:daygeek@123
