DEV Community

S3CloudHub
S3CloudHub

Posted on

How to Change Your Password Securely

Changing your password in Linux is a fundamental task that every user should know. Whether you're updating your credentials for better security or resetting them for a colleague, understanding the correct methods ensures the integrity and safety of your Linux environment. Let's explore the steps to change passwords on Linux systems while following security best practices.

Why Should You Change Your Password?

Regular password updates protect your system from unauthorized access. Situations that demand a password change include:

Security breaches or compromised accounts.
Periodic updates as part of organizational policy.
Granting or revoking access for different users.

By learning the methods outlined below, you'll enhance your control over user accounts and system security.

Image description

Changing Your Own Password

Linux simplifies password changes for users with the passwd command. Here's how:

  1. Open a terminal.

  2. Type:

.passwd
Enter fullscreen mode Exit fullscreen mode
  1. Enter your current password when prompted.

  2. Provide a new password, ensuring it meets your system's complexity requirements.

  3. Re-enter the new password for confirmation.
    Once complete, Linux updates your credentials instantly.

Password Complexity Tips:

.Use a mix of uppercase, lowercase, numbers, and special characters.
.Avoid dictionary words or predictable patterns.
.Create passwords with at least 12 characters for added strength.

Changing Another User's Password (Admin Privileges Required)

System administrators can update passwords for other users using the passwd command followed by the username:

  1. Open a terminal and gain root privileges by typing:
sudo -i
Enter fullscreen mode Exit fullscreen mode
  1. Use the following command to change the user's password:
.passwd username
Enter fullscreen mode Exit fullscreen mode

Replace username with the target user's account name.

  1. Enter the new password when prompted.
  2. Confirm the password to finalize the change. Admins should always inform users to change the password after the initial login for security reasons.

Forcing Password Updates

Linux allows administrators to enforce password policies. For instance, you can require a user to change their password at the next login:

  1. Use the chage command:

sudo chage -d 0 username
Replace username with the target account name.

  1. The user will be prompted to set a new password during their next login session.

Checking Password Expiration Policies

To view a user's password policy:

sudo chage -l username
Enter fullscreen mode Exit fullscreen mode

This displays details like expiration date, minimum/maximum age, and warning periods.

Resetting Forgotten Passwords

If a user forgets their password, administrators can reset it using the following steps:

  1. Open a terminal and gain root privileges.
  2. Reset the password with:
.passwd username
Enter fullscreen mode Exit fullscreen mode
  1. Inform the user to log in and set a secure password immediately.

For cases where the root password is forgotten, you'll need to boot into recovery mode or single-user mode to reset it. This process varies by Linux distribution but typically involves editing boot parameters temporarily.

Automating Password Policies

For environments with multiple users, it's best to enforce password policies automatically:

  1. Edit the /etc/login.defs file to configure system-wide password settings such as:

.Minimum password length:

.PASS_MIN_LEN    12
Enter fullscreen mode Exit fullscreen mode

.Password expiration:

.PASS_MAX_DAYS   90
Enter fullscreen mode Exit fullscreen mode
  1. Use Pluggable Authentication Modules (PAM) for advanced policies. For example, configure password strength with the pam_pwquality module:

.sudo nano /etc/security/pwquality.conf

Adjust parameters like minlen=12 and dcredit=-1 to enforce complexity rules.

Best Practices for Password Management

.Enable two-factor authentication (2FA): Add an extra layer of security.

.Use a password manager: Safeguard and generate complex passwords.

.Avoid shared accounts: Each user should have individual credentials.

Conclusion

Mastering password management is critical for every Linux user. Whether you're updating your own password, managing user accounts, or enforcing security policies, these steps will ensure your system remains secure and efficient. Take control of your Linux environment today and embrace robust security practices!

Top comments (0)