5 UNIX / Linux passwd Command Examples

What is passwd?
5 passwd examples
Syntax and Options
Related Commands

What is passwd?

The Linux passwd command is used to change the password for a user account. A user can only change the password of his/her account but the superuser can change the password of any account. Besides changing password, this command can change other information like password validity etc.

5 passwd Examples

1. Change password using passwd command

The passwd command can be used to simply used to change the password for an account.

Consider the example below :

$ passwd guest
Changing password for guest.
(current) UNIX password:
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully

So we see that password was changed successfully.

2. Display the account status information using -S option

The status information related to an individual account can be retrieved by using -S with this command.

Consider the following example :

$ passwd -S  himanshu
himanshu P 03/12/2011 0 99999 7 -1

So we see that the status information for my account was displayed. The individual fields in the output as described in the man page are :

The first field is the users login name. The second field indicates if the user account has a locked password (L), has no password (NP), or has a usable password (P). The third field gives the date of the last password change. The next four fields are the minimum age, maximum age, warning period, and inactivity period for the password. These ages are expressed in days.

3. Delete an account password using the -d option

The passwd command can be used to delete an account passwd in order to make it password-less. This can be done using the -d option with this command.

Consider the following example :

$ sudo passwd -d guest
passwd: password expiry information changed.

So we see that the -d option deletes the password by changing the password expiry information.

4. Immediately expire the account password using -e option

This can be done using the -e option. Once this is done, user will be forced to change the password the next time they log in.

Consider the example below.

$ sudo passwd -e guest
passwd: password expiry information changed.

So we see that the expiry information was changed.

5. Perform actions quietly by using -q option

If we do not want the passwd command to output any extra information as output then we can choose to do so by using the -q option.

Consider the example below :

$ sudo passwd -eq guest
$

So we see that we used the -q option along with the expiry changer -e option. And when the command was run, there was no information produced in the output. So we see that -q made the passwd command to work quietly.

Syntax and Options

passwd [options] [LOGIN]
Short Option Long Option Option Description
-a –all This option can be used only with -S and causes show status for all users.
-d –delete Delete a users password (make it empty). This is a quick way to disable a password for an account. It will set the named account password-less.
-e –expire Immediately expire an accounts password. This in effect can force a user to change his/her password at the users next login.
-i –inactive INACTIVE This option is used to disable an account after the password has been expired for a number of days. After a user account has had an expired password for INACTIVE days, the user may no longer sign on to the account.
-k –keep-tokens Indicate password change should be performed only for expired authentication tokens (passwords). The user wishes to keep their non-expired tokens as before.
-l –lock Lock the password of the named account. This option disables a password by changing it to a value which matches no possible encrypted value (it adds a ´!´ at the beginning of the password). Note that this does not disable the account. The user may still be able to login using another authentication token (e.g. an SSH key). To disable the account, administrators should use usermod –expiredate 1 (this set the accounts expire date to Jan 2, 1970). Users with a locked password are not allowed to change their password.
-n –mindays MIN_DAYS Set the minimum number of days between password changes to MIN_DAYS. A value of zero for this field indicates that the user may change his/her password at any time.
-q –quiet Quiet mode.

Related Commands

passwd
shadow
usermode