passwd
Update user`s authentication tokens (passwords)
Overview
The passwd command changes passwords for user accounts. A normal user may only change the password for their own account, while the superuser may change the password for any account. It can also be used to manage password policies like expiry, warning periods, etc.
Syntax
passwd [OPTION]... [LOGIN]Common Options
-d, --deleteDelete a user’s password (make it empty). Only root can do this. This is a quick way to disable a password for an account.
-e, --expireImmediately expire an account’s password. This forces a user to change their password at their next login. Only root can do this.
-l, --lockLock the named account. This option disables a password by changing it to a value that matches no possible encrypted value (it prepends a '!' to the password). Only root can do this.
-u, --unlockUnlock the named account. This option re-enables a password by changing it back to its previous value (the value before using the -l option). Only root can do this.
-S, --statusDisplay account status information. The status information includes login name, password status (L=locked, NP=no password, P=usable password), date of last password change, min/max age, warning, and inactivity period.
-n days, --minimum daysSet minimum number of days between password changes to `days`. (Root only)
-x days, --maximum daysSet maximum number of days that password is valid to `days`. (Root only)
-w days, --warning daysSet number of days warning user receives before password expires to `days`. (Root only)
-i days, --inactive daysSet number of days after password expires that account is disabled to `days`. (Root only)
--stdinRead new password from standard input (use with caution, especially in scripts).
Examples
Allows the current logged-in user to change their own password.
Allows the superuser to change the password for someuser.
Locks the account password for user_to_lock.
Unlocks the account password for user_to_unlock.
Deletes the password for user_with_no_pass, allowing login without a password (generally not recommended).
Forces user_force_change to set a new password upon their next login.
Shows detailed password status information for anotheruser.
Sets password policies for some_user: expires in 90 days, min 7 days between changes, 14-day warning.
Sets the password for an_account using stdin (be extremely cautious with this method).