chgpasswd

chgpasswd [options] [login]

-e, --encrypted
    Treat the following argument as an already-encrypted password (non-interactive)

-h, --help
    Display help message and exit

-s, --shadow
    Update passwords in the shadow file instead of passwd

The chgpasswd command is a utility from the shadow password suite used to update a user's password interactively. When invoked with a specific login name, it allows an administrator to change that user's password. If no login is provided, it changes the password for the current user.

The program prompts the user twice for the new password to verify accuracy. If the entries do not match, it exits without making changes, enhancing security against typos. Passwords are checked against system policies like minimum length and complexity if PAM is configured.

Unlike chpasswd, which processes batches from standard input, chgpasswd is designed for single-user interactive use. It supports operating on either /etc/passwd or /etc/shadow files. Root privileges are typically required to change another user's password. This command provides a simple, secure method for password management in Unix-like systems, prioritizing user verification to prevent errors.

Requires root privileges for other users; not installed by default on all distributions; echoes no characters during input for security; subject to PAM password policies.

chgpasswd user1
New password: [input]
Retype new password: [input]
Password updated successfully.

echo 'encryptedpass' | chgpasswd -e user1 (use with caution, requires encrypted hash)

Introduced in the shadow-utils package (circa 1990s) as part of the shadow password system to separate encrypted passwords from /etc/passwd for improved security in Linux and Unix-like OS.

passwd(1), chpasswd(8), pwck(8), shadowconfig(8)