DEV Community

S3CloudHub
S3CloudHub

Posted on

How to Change Your Password Securely

Changing your password in Linux is a fundamental task that every user should know. Whether you're updating your credentials for better security or resetting them for a colleague, understanding the correct methods ensures the integrity and safety of your Linux environment. Let's explore the steps to change passwords on Linux systems while following security best practices.

Why Should You Change Your Password?

Regular password updates protect your system from unauthorized access. Situations that demand a password change include:

Security breaches or compromised accounts.
Periodic updates as part of organizational policy.
Granting or revoking access for different users.

By learning the methods outlined below, you'll enhance your control over user accounts and system security.

Image description

Changing Your Own Password

Linux simplifies password changes for users with the passwd command. Here's how:

  1. Open a terminal.

  2. Type:

.passwd
Enter fullscreen mode Exit fullscreen mode
  1. Enter your current password when prompted.

  2. Provide a new password, ensuring it meets your system's complexity requirements.

  3. Re-enter the new password for confirmation.
    Once complete, Linux updates your credentials instantly.

Password Complexity Tips:

.Use a mix of uppercase, lowercase, numbers, and special characters.
.Avoid dictionary words or predictable patterns.
.Create passwords with at least 12 characters for added strength.

Changing Another User's Password (Admin Privileges Required)

System administrators can update passwords for other users using the passwd command followed by the username:

  1. Open a terminal and gain root privileges by typing:
sudo -i
Enter fullscreen mode Exit fullscreen mode
  1. Use the following command to change the user's password:
.passwd username
Enter fullscreen mode Exit fullscreen mode

Replace username with the target user's account name.

  1. Enter the new password when prompted.
  2. Confirm the password to finalize the change. Admins should always inform users to change the password after the initial login for security reasons.

Forcing Password Updates

Linux allows administrators to enforce password policies. For instance, you can require a user to change their password at the next login:

  1. Use the chage command:

sudo chage -d 0 username
Replace username with the target account name.

  1. The user will be prompted to set a new password during their next login session.

Checking Password Expiration Policies

To view a user's password policy:

sudo chage -l username
Enter fullscreen mode Exit fullscreen mode

This displays details like expiration date, minimum/maximum age, and warning periods.

Resetting Forgotten Passwords

If a user forgets their password, administrators can reset it using the following steps:

  1. Open a terminal and gain root privileges.
  2. Reset the password with:
.passwd username
Enter fullscreen mode Exit fullscreen mode
  1. Inform the user to log in and set a secure password immediately.

For cases where the root password is forgotten, you'll need to boot into recovery mode or single-user mode to reset it. This process varies by Linux distribution but typically involves editing boot parameters temporarily.

Automating Password Policies

For environments with multiple users, it's best to enforce password policies automatically:

  1. Edit the /etc/login.defs file to configure system-wide password settings such as:

.Minimum password length:

.PASS_MIN_LEN    12
Enter fullscreen mode Exit fullscreen mode

.Password expiration:

.PASS_MAX_DAYS   90
Enter fullscreen mode Exit fullscreen mode
  1. Use Pluggable Authentication Modules (PAM) for advanced policies. For example, configure password strength with the pam_pwquality module:

.sudo nano /etc/security/pwquality.conf

Adjust parameters like minlen=12 and dcredit=-1 to enforce complexity rules.

Best Practices for Password Management

.Enable two-factor authentication (2FA): Add an extra layer of security.

.Use a password manager: Safeguard and generate complex passwords.

.Avoid shared accounts: Each user should have individual credentials.

Conclusion

Mastering password management is critical for every Linux user. Whether you're updating your own password, managing user accounts, or enforcing security policies, these steps will ensure your system remains secure and efficient. Take control of your Linux environment today and embrace robust security practices!

Heroku

Simplify your DevOps and maximize your time.

Since 2007, Heroku has been the go-to platform for developers as it monitors uptime, performance, and infrastructure concerns, allowing you to focus on writing code.

Learn More

Top comments (0)

Image of Timescale

Timescale – the developer's data platform for modern apps, built on PostgreSQL

Timescale Cloud is PostgreSQL optimized for speed, scale, and performance. Over 3 million IoT, AI, crypto, and dev tool apps are powered by Timescale. Try it free today! No credit card required.

Try free

👋 Kindness is contagious

Explore a sea of insights with this enlightening post, highly esteemed within the nurturing DEV Community. Coders of all stripes are invited to participate and contribute to our shared knowledge.

Expressing gratitude with a simple "thank you" can make a big impact. Leave your thanks in the comments!

On DEV, exchanging ideas smooths our way and strengthens our community bonds. Found this useful? A quick note of thanks to the author can mean a lot.

Okay