Password Management in Linux


A password is a word or string of characters used for user authentication to prove identity or access approval to gain access to a resource, which is to be kept secret from those not allowed access.

passwd command

The passwd command is used to create and change the password of a user account. A normal user can run passwd to change their own password, and a system administrator (the superuser ROOT) can use passwd to change another user’s password, or define how that account’s password can be used or changed.



Changing the password for a normal user

When you logged in as non-root user like jessicaa in my case and run passwd command then it will reset password of logged in user.


When you logged in as root user and run passwd command then it will reset the root password by default and if you specify the user-name after passwd command then it will change the password of that particular user.

Displaying  Password Status Information

To display password status information of a user , use -S option in passwd command.


In the above output first field shows the user name and second field shows Password status (PS = Password Set , LK = Password locked , NP = No Password ), third field shows when the password was changed and last & fourth field shows minimum age, maximum age, warning period, and inactivity period for the password.

Removing password of a User

We can remove the password for particular user by using one of the option -d


Locking the password of System User

Use  -l  option in passwd  command to lock a user’s password.


Unlocking the password of System User

Use -u option to unlock the user.


Setting inactive days 

Use -i option along with  passwd command to set inactive days for a system user. This will come into the picture when password of user  expired and user didn’t change its password in ‘n‘ number of days ( e.g 7 days)  then after that user will not able to login.


Setting Minimum No. of Days to Change Password 

Using the option -n  we can set the minimum number of days to change the password. A value of zero shows that user can change its password in any time. For me, I set a 100 days to change my password.


Setting the  Warning days before password expire 

Using the option -w along with passwd can be used to set the warning days before the password expires.


Changes made with the account

To see changes made in the use the command chage -l user. This will show the data changes made in the password.


Author: Jessica Apostol

Loves to discover and explore new things that lies beyond the universe. Geeky nerd.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.