TechEarl

How to Change a User Password on Linux (passwd)

Change your own or another user's password with passwd, force a reset at next login, and the rules root can set that ordinary users cannot.

Ishan Karunaratne⏱️ 3 min readUpdated
Share thisCopied
Change your own or another user's password on Linux with passwd, force a reset, and the controls root has over a password that users do not.

To change your own password, run passwd with no arguments:

bash
passwd

It asks for your current password, then the new one twice. To change another user's password you need root:

bash
sudo passwd deploy
Root terminal running passwd deploy, entering a new password twice, and the system replying password updated successfully.
As root, passwd does not ask for the old password and reports 'password updated successfully' when done.

Root skips the rules; users don't

When you change your own password, passwd enforces the system policy: minimum length, complexity, not reusing the old one. When root sets a password, it can override all of that, which is why sudo passwd deploy never prompts for the user's old password and will accept a weak one with only a warning. That is by design: an admin resetting a forgotten password should not be blocked by the policy.

Force the user to change it at next login

After an admin reset, you usually want the user to pick their own password immediately. Expire it so they are prompted on next login:

bash
sudo passwd -e deploy        # expire now; prompt at next login

There is a dedicated guide to forcing a change, including the chage -d 0 equivalent.

Check and lock from the same command

bash
sudo passwd -S deploy        # status: P usable, L locked, NP no password
sudo passwd -l deploy        # lock the password
sudo passwd -u deploy        # unlock

Note that passwd -l locks the password only; an SSH key still works. For a full lockout see lock and unlock a user account.

Set a password non-interactively (scripts)

For automation, pipe it through chpasswd rather than trying to script the interactive prompt:

bash
echo 'deploy:S3cret-pass' | sudo chpasswd

Useful in provisioning, but the password lands in shell history and process listings, so prefer SSH keys for anything that matters and reserve this for throwaway environments.

FAQ

See also

Sources

Authoritative references this article was fact-checked against.

TagsLinuxpasswdPasswordUser ManagementSecurity

Found this useful? Pass it on.

Copied

Ishan Karunaratne

Software Systems Architect · Senior Software Engineer · Engineering Leadership

Software systems architect and senior software engineer with more than two decades designing, building, and running production software, Linux systems, and DevOps infrastructure, and lately working AI into the stack. Now a CTO, though what I write here is drawn from the full arc of that work, across architecture, engineering, and operations, not any single job.

More by IshanLinkedIn
Keep reading

Related posts

Four reliable ways to change a WordPress password: admin dashboard, WP-CLI, direct in the database, or email reset. Includes the WP 6.8+ bcrypt hash format.
WordPress

How to Change a WordPress Password

Four reliable ways to change a WordPress password: admin dashboard, WP-CLI, directly in the database with the correct phpass or bcrypt hash, and the lost-password email reset.