passwd

Change the password of the current user interactively

$ passwd

$ passwd [username]

$ passwd [[-S|--status]]

$ passwd [[-d|--delete]]

$ yes [password] | passwd

passwd [options] [username]

-d, --delete username
    Delete the password for the specified user account. This makes the account accessible without a password. Only available to the root user.

-e, --expire username
    Immediately expire the password for the specified user, forcing them to change it upon their next login. Only available to the root user.

-i, --inactive=DAYS username
    Set the number of days after a password has expired before the account becomes permanently inactive. Only available to the root user.

-l, --lock username
    Lock the password of the specified user account, preventing login. This is done by prepending an '!' to the password hash in /etc/shadow. Only available to the root user.

-n, --mindays=DAYS username
    Set the minimum number of days that must pass before a user is allowed to change their password again. Only available to the root user.

-S, --status username
    Display the password status information for the specified user account. This includes password last changed date, minimum/maximum days, warning period, and account status (e.g., P for password set, NP for no password, L for locked).

-u, --unlock username
    Unlock the password of the specified user account. This removes the '!' prepended by the -l option. Only available to the root user.

-x, --maxdays=DAYS username
    Set the maximum number of days a password remains valid. After this period, the user will be forced to change their password. Only available to the root user.

--stdin
    Read the new password from standard input. This is commonly used in scripts to automate password changes, but care must be taken to prevent the password from being exposed in process listings.

passwd is a fundamental Linux utility used to change a user's authentication token, typically their password. It prompts the user for their current password (if changing their own) and then for the new password twice to ensure accuracy.

The command enforces system-wide password policies, which are often managed by Pluggable Authentication Modules (PAM), dictating rules like minimum length, complexity, and history. For unprivileged users, passwd allows changing only their own password. The root user has elevated privileges and can change the password for any account on the system without knowing the current password, and can also manipulate password aging settings (e.g., force password expiry, lock/unlock accounts).

Password information is stored securely, primarily in the /etc/shadow file, which contains encrypted password hashes and aging details, while /etc/passwd lists user accounts without password hashes. Using passwd correctly is crucial for maintaining system security and managing user access.

When changing another user's password, passwd does not require knowledge of the old password; this functionality is exclusive to the root user.

Password complexity and aging rules are not handled directly by passwd itself, but by system-wide configuration files (e.g., /etc/login.defs) and Pluggable Authentication Modules (PAM) such as pam_pwquality or pam_cracklib.

Using the --stdin option can be a security risk if not handled properly, as the password might be exposed in shell history or process lists. It should be used with extreme caution in automated scripts.

For more fine-grained control over password aging policies, the chage(1) command is often preferred.

The passwd command, particularly when used by the root user, allows setting various password aging parameters. These include the minimum (-n) and maximum (-x) number of days between password changes, the warning period before expiry, and inactivity periods (-i). These settings are crucial for enforcing security policies and ensuring regular password updates.

The primary security function of passwd is to manage authentication credentials. Its shift to using /etc/shadow significantly improved security by preventing unauthorized access to password hashes. Additionally, its reliance on PAM allows for enforcement of strong password policies, including complexity, length, and history checks, which mitigate risks from common password attacks.

The passwd command has been a core component of Unix-like operating systems since their early days. Initially, encrypted passwords were stored directly in the publicly readable /etc/passwd file.

However, to enhance security and prevent brute-force attacks on password hashes, the concept of 'shadow passwords' was introduced. This led to the separation of encrypted password hashes into a restricted-access file, /etc/shadow, while /etc/passwd retained only user account information.

Modern Linux distributions integrate passwd with Pluggable Authentication Modules (PAM), allowing system administrators to implement flexible and robust password policies without modifying the core passwd utility.

chage(1), usermod(8), useradd(8), login(1), passwd(5), shadow(5), pam(8)