chpasswd

Change the password for a specific user

$ printf "[username]:[new_password]" | sudo chpasswd

$ printf "[username_1]:[new_password_1]\n[username_2]:[new_password_2]" | sudo chpasswd

$ printf "[username]:[new_encrypted_password]" | sudo chpasswd --encrypted

$ printf "[username]:[new_password]" | sudo chpasswd --crypt-method [NONE|DES|MD5|SHA256|SHA512]

chpasswd [options]

-e
    chpasswd accepts encrypted passwords. Default is plain text.

-c algorithm
    Use algorithm to encrypt the password. Use 'help' to show supported algorithms.

-m
    Modify the password of the current user using stdin

The chpasswd command updates user passwords in batch mode. It reads username:password pairs from standard input. The password can be clear text or, optionally, a hash generated by a hashing algorithm. This command is particularly useful for scripting and automating password changes across multiple accounts or systems. The primary use case is to manage many user passwords from a single script. Passwords are immediately updated in the system's password database, typically /etc/shadow. It's crucial to exercise caution when using chpasswd, especially with clear text passwords, as they can be exposed in command history or logs. Therefore, always ensure that your system is secure and use appropriate password policies. chpasswd leverages PAM (Pluggable Authentication Modules) to authenticate and update user passwords. It allows to utilize of different authentication methods and security configurations depending on the current system configutation.

Using chpasswd with cleartext passwords is inherently insecure. Consider using stronger password hashing algorithms and encryption to protect sensitive information. Also, ensure your script handles errors gracefully to avoid unintended consequences. Never store clear text passwords in scripts.

Always prioritize security when using chpasswd. Avoid storing passwords in plaintext. If you must use plaintext, remove them from your script once you are done processing them. Audit password changes regularly to detect any anomalies.

chpasswd relies on PAM for authentication and password management. Ensure that PAM is configured correctly to allow chpasswd to function as expected.
Verify PAM configuration by reviewing /etc/pam.d/chpasswd file.

chpasswd has been a standard utility in most Linux distributions for many years. It was primarily developed as a convenient way to automate password management tasks, particularly in environments with a large number of user accounts.

passwd(1), useradd(8), usermod(8)