How to use the Linux passwd command

With the Linux passwd command you can set passwords for yourself or others. With a range of options available, you can customize settings and even disable inactive accounts.

What is Linux passwd?

The Linux command passwd is particularly important for the data security of your system. The command lets you change passwords for a group or a user using Linux. Change and lock intervals can also be set with passwd. Thus, this tool lets you prevent unauthorized access and better administer different roles. This is the case when selecting secure passwords.

Linux passwd is standard in all common Linux distributions like Debian or Ubuntu and doesn’t need to be installed.

How does the passwd command work?

The functionality of passwd is simple. To change your password, just enter the command in the command line. If there’s an old key, type it again and then store your new password. To change the password of another user, you need root rights. If you have them, you can use the Linux sudo command to create or change someone else’s credentials. The next time the corresponding person logs in, they must then enter the new key.

What is the syntax of Linux passwd?

The syntax of the simple passwd command looks like this:

$ passwd [Options] [User]

If you omit the parameters “[Options]” and “[User]”, you only change your own password.

What options does the Linux passwd command have?

There are numerous options for passwd. The most important ones are:

• -a or –all: This option, in conjunction with -s, ensures that you get information about all users.
• -d or –delete: This option lets you disable a password.
• -e or –expire: Use this option to let a password expire. A new password must then be set with passwd the next time you log in.
• -i or –inactive [days]: With this option you determine when an account should be deleted. The time is determined by the number of days a user has been idle after their password expired.
• -k or –keep-tokens: This option limits the change options for passwords that have already expired.
• -l or –lock: Use this option to lock a user’s password.
• -n or –mindays [days]: Use this option to define after how many days since the last change a password can be changed again.
• -S or –status: This option shows you the current values for a user.
• -u or –unlock: This option overrides the -l or –lock option.
• -w or –warndays [days]: Use this option to warn a user of an upcoming password expiry. The “[days]” parameter defines with how much lead time the warning should be sent.
• -x or –maxdays [days]: The option defines after how many days a password must be renewed.

Examples for using the Linux passwd command

Using some simple examples we’ll show you how Linux passwd works in practice.

$ passwd

Use the command to change your own password. If you’re not the administrator, you’ll be prompted to enter your old password. If you’ve entered it correctly, you can create a new key. You must then confirm this again.

$ sudo passwd Peter

Assign a new password for the user Peter.

$ sudo passwd -x 100 -n 5 -w 7 -i 10 Peter

Use the command to specify that Peter will have to create a new password after 100 days. If he wants to change his password before then, he can do so five days after the last change. He’ll be prompted to change his password one week before it expires. If he doesn’t set a new password ten days after the password has expired, his account will be deactivated.