The passwd command is used to modify the user’s password and its properties, like deleting the password, expiring the password, deactivating the account, and many more.
Also Read: Change user account password information using chage command
The owner of an account only has permission to modify its password properties, except for the root user, who can easily modify any user account password.
If you are a sudo user, you are also able to modify other users’ password properties by placing sudo in front of each command.
|Root or Sudo Privileges||Yes|
|Host System and Architecture||Ubuntu 22.10 (x64)|
|OS Compatibility||Ubuntu, Manjaro, Fedora, etc.|
|Discussed Tools in this Article|
Syntax of the Passwd Command
The passwd command takes two arguments: one is the option (optional), and the other is the username (if you want to modify the password information for the current user, you do not need to specify this).
$ passwd [OPTION] [USERNAME]
The following is the list of valid options for the passwd command.
|-a, –all||It is used with the “-S” flag to show status for all users|
|-d, –delete||It will remove the password from the user’s account (empty password)|
|-e, –expire||Immediately expire the specified user password. On their next login, the user must be forced to change their password|
|-i, –inactive||It will disable the user account after the password has expired for a number of days|
|-l, –lock||It will lock the user account, making it inaccessible|
|-u, –unlock||It will unlock the user account, making it accessible|
|-n, –mindays||Set the password change days (the default is 0)|
|-q, –quiet||Quiet mode|
|-r, –repository||Change the password in the repository|
|-R, –root||Apply changes to the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory|
|-s, –status||Display account status information|
|-w, –warndays||It will show a warning on the number of days prior to the password expiring|
|-x, –maxdays||Set the maximum number of days the password remains valid; after that, the password is required to be changed|
Changing the Current Logged-in User Password
The following command will change the current user password (if you are already using a password, you would need to specify your current password).
$ passwd Changing password for linuxtldr. Current password: New password: Retype new password: passwd: password updated successfully
To maintain privacy, the typed password will not be visible on screen.
Changing the Other User Account Password
To change another user’s account password, you must be a root or sudo user; in this example, I will use the sudo user to change the account password for the newly created user “pt1“.
$ sudo passwd pt1 New password: Retype new password: passwd: password updated successfully
From now on, we will only use the “pt1” user account to show examples of the passwd command.
Display the Current Status of the User
-S” flag is used to display the “pt1” user account status as shown.
$ sudo passwd -S pt1 pt1 P 11/24/2022 0 99999 7 -1
The following is a list of user account information.
|Username||Status||Last Changed Password||Minimum Age||Maximum Age||Warning Period||Password Inactivity Period|
There are 3 types of status, as shown:
|P||Password is set|
|L||Account is locked|
The special numbers are reserved for setting parameters for password rules.
|Special Numbers for Age||Description|
|99999||Can be changed at anytime|
Deleting the Account Password
The following command will remove the target account password, making it less meaningful (an empty password).
$ sudo passwd -d pt1 passwd: password expiry information changed.
Now anyone can easily switch to the “pt1” user account without requiring any password (unsafe).
Also Read: How to Force User to Change Their Password on Next Login in Linux
Expire the Account Password
The following command will expire the password before its expiration date, requiring the target to set up a new password on their next login.
$ sudo passwd -e pt1 passwd: password expiry information changed.
If you check the user account information, the password expiry date is set to 1970, and the status is “NP” (no password).
$ sudo passwd -S pt1 pt1 NP 01/01/1970 0 99999 7 -1
If “pt1” logs in again, he will be forced to set up a new password.
You are required to change your password immediately (administrator enforced). New password: Retype new password:
Disable Account After Password Expires
The following command will disable access to the target account after the password has expired for a certain number of days (ex: 6 days).
$ sudo passwd -i 6 pt1 passwd: password expiry information changed.
Minimum Days to Force Users to Update Their Passwords
The following command is used to specify the minimum number of days between password changes to the specified days (ex: 16 days), after which the user will be required to change their password again.
$ sudo passwd -n 16 pt1 passwd: password expiry information changed.
After 16 days, the user will be forced to change their password again.
$ sudo passwd -S pt1 pt1 P 11/24/2022 16 99999 7 -1
Maximum Days for Password Validation
The following command will set the maximum number of days before your account password is valid. After the specified number of days (ex: 26 days) has passed, the password is required to be changed.
$ sudo passwd -x 26 pt1 passwd: password expiry information changed.
Check the user account information to verify the status.
$ sudo passwd -S pt1 pt1 P 11/24/2022 0 26 7 -1
Setup Warning Message Before Password Change is Required
The following command will prompt the user with a warning message the specified number of days (ex: 10 days) prior to their password expiring.
$ sudo passwd -w 10 pt1 passwd: password expiry information changed.
Check the account status using the following command.
$ sudo passwd -S pt1 pt1 P 11/24/2022 0 99999 10 -1
Lock or Unlock the User Account
The following command will lock the user account, and no one will be able to login to that particular user account via password.
$ sudo passwd -l pt1 passwd: password expiry information changed.
It will change the account status from “P” (for password) to “L” (locked account), as shown.
$ passwd -S pt1 pt1 L 11/24/2022 0 99999 7 -1
Use the “
-u” flag to unlock the target user account.
$ sudo passwd -u pt1 passwd: password expiry information changed.
Verify the user status using the following command.
$ passwd -S pt1 pt1 P 11/24/2022 0 99999 7 -1
And that was the end of the passwd command examples.
If you have a query regarding this topic, feel free to ask in the comment section.
Join The Conversation
Users are always welcome to leave comments about the articles, whether they are questions, comments, constructive criticism, old information, or notices of typos. Please keep in mind that all comments are moderated according to our comment policy.