BSDwiki/ Change a password

Change a password

Author: Alex Nikiforov nikiforov.al@gmail.com FreeBSD

Reviewer: Cezary Morga cm@therek.net FreeBSD

Reviewer: Kevin D. Kinsey kdk@daleco.biz FreeBSD

Reviewer: name contact BSD flavour

Concept

Be able to change your own password as well as the passwords of other users as required.

Introduction

Passwords help to establish trust; trust that you, as a computer user, are indeed "authorized personnel"; trust that the computer you are "logging into" is indeed the machine that it is supposed to be; trust that files that bear your username as "owner" were indeeed originally created by you --- trust is fairly important, don't you agree?

Good system security demands that users' passwords or passphrases be changed from time to time, even regularly in many cases. The "root" account should be protected by a strong password to ensure that "normal users" cannot cause problems with a multi-user machine by inadvertently shutting down, unmounting devices in use, installing unapproved software, etc.

You need to know how to change your password, and, as a system administrator, change the password of the "root" user, or another user in your system. For example, you might need to do some "system recovery", but the root password is lost (however, if you can boot in single-user mode you can change root's password). You might wish to change a user's password because they are afraid their original password has been compromised. You might wish to change your password because you have a new "significant other" and you want to forget the old one's name. Good news! Although your reasons may vary, the procedure is the same! The program passwd(1) has everything you need for this chore!

Examples

You can change root's password only if you are logged in as the root user, or use su to substitute root's credentials for your own.

Running passwd with no arguments will allow you to change your password. Note that it is often a good idea to make sure that you are indeed the user you think you are before attempting to make a password change:

""$ id ""uid=1001(someuser) gid=0(wheel) groups=0(wheel) ""$ passwd ""Changing local password for someuser ""Old Password: ""New Password: Retype New Password:

To change root's password, we must first get permission:

""$ id ""uid=1001(someuser) gid=0(wheel) groups=0(wheel) ""$ su ""Password: ""# id ""uid=0(root) gid=0(wheel) groups=0(wheel), 5(operator) ""# passwd ""Changing local password for root ""New Password: ""Retype New Password:

We first check our own identity; since we are "someuser" instead of the root user, we know we must gain root's credentials to change root's password. We use su and type root's current password to gain root access.

We then use passwd without a second argument, to change the password for the current user - in our example, root. But suppose we wish to change another user's password:

""# id ""uid=0(root) gid=0(wheel) groups=0(wheel), 5(operator) ""# passwd someotheruser ""Changing local password for someotheruser ""New Password:

It is not recommended to do this to your friends without consulting them first!

Practice Exercises

  1. Change your password.
  2. Change the root password.
  3. Change the password of another user.

More information

passwd(1), vipw(8)