If you are a system administrator maintaining a system with many users or a person holding a lot of accounts in your system, then you need to understand the importance of password change.
Phishing or malware attacks often leak the user password, which primarily consists of a simple name or birthday. It is recommended to update your password at a specific interval of time to prevent unauthorized access to your account.
When adding a new user account, you can set the expiration date for the password, but if you skipped it, don’t worry; follow one of the below methods to force the user to update their password on the next login.
Using the passwd Command
Generally, you have heard of the passwd command for changing user passwords, but the same command can be used to force users to change their account passwords on the next login.
🔗 Listing All Users in a Linux System
To force update their password on the next login, you need to expire their current password using the -e or --expire flag and specify their account username while executing the passwd command as shown below.
- sudo passwd -e ubuntushell
Now verify the current password status using the chage command along with the username, as shown below.
- chage -l ubuntushell
Below is the behavior of both commands.
After running the passwd command above, you can see all the fields with expiring passwords, inactive accounts, and account expiration status changed from "never" to "password must be change". Even if you try to update your system packages using the apt command, it will prompt you to update your password, as shown below.
Using the chage Command
The chage command helps to look for the password details but can be used in a similar way as the passwd command to force users to update their passwords.
To push the user to update their password, use -d or --lastday flags and set its value to "0", meaning the user had not changed their password since the last time it was updated, as shown below.
- sudo chage -d 0 ubuntushell
Now verify the current password status using the chage command along with the username, as shown below.
- chage -l ubuntushell
Below is the behavior of both commands.
Final Word
We strongly recommend you change your password at least once a month for security purposes using any of the methods mentioned above.
