Getting started with Linux: how to force password change next time you log on to Linux

Getting started with Linux: how to force password change next time you log on to Linux

Q: I am managing a Linux Server shared by multiple users. I just created a new user using the default password, but I want to change the password when I log on for the first time. Is there any way to change his/her password upon next login?

In a multi-user Linux environment, the standard practice is to use a default random password to create a user account. After successfully logging on, the new user changes the default password. For security reasons, it is often recommended to "force" the user to change the password upon the first login to ensure that the one-time password will not be used again.

The following describes how to force a user to change his/her password upon next login.

Each Linux user is associated with the different password-related configurations and information. For example, it records the last password change date, the minimum/maximum number of days to change the password, and the password expiration time.

A command line tool named chage can access and adjust the Password Expiration configuration. You can use this tool to force the user to change the password on the next login,

To view the expiration information of a specific user (such as alice), run the following command. Note that the root permission is required to view the password information of any user except yourself.

1. $ sudo chage -l alice

Force user to Change Password

If you want to force the user to modify his/her password, use the following command.

1. $ sudo chage -d0 <user-name>

The original "-d" parameter is used to set the "Age" of the password (that is, the number of days since the last password was changed ). Therefore, "-d0" indicates that the last password was modified at, which caused the current password to expire and forced him to change the password upon next login.

Another method to expire the current password is to use the passwd command.

1. $ sudopasswd-e <user-name>

The preceding command works the same as "chage-d0" to make the current user's password expire immediately.

Check the user information and you will find:

When you log on again, you will be asked to change the password. You will be asked to verify the current password again before modification.

You can use PAM to set a more comprehensive password policy (such as password complexity and prevent repeated use. For more information, see this article.

Via: http://ask.xmodulo.com/force-password-change-next-login-linux.html

Author: Dan Nanni Translator: geekpi Proofreader: wxy

This article was originally compiled by LCTT and launched with the honor of Linux in China

This article permanently updates the link address: