How to Change Password in Linux

Learn how to change your password in Linux using the command line with our step-by-step guide. Discover best practices for creating a strong password, resetting your password if you forget it, and managing your passwords securely. Ensure the security of your system with regular password changes and proper password hygiene.

One can modify the password for a user account on Linux using the passwd program. So you should update your password if you often use the site. The root user and other users with sudo capabilities will modify other users’ passwords and determine whether or not to use them. Make sure to pick a strong, distinctive password when you update your password.

One of the most important things you can do to secure your account is to create a strong password. A strong password has at least 16 characters, including one special character, one integer, one lowercase letter, and one uppercase letter. For security purposes, it is preferable to use a different password for each account and to update the password on a regular basis.

 Linux Set Password for User

1. The first step is to open the Linux Terminal Application, or you can work on an online terminal as well. 
2. Type the following command to change the password:

Let us see a sample output below

The user can simply type their current password and then type a new password to set it for Linux. The ‘webmaster’ is the PC name that may differ for every user working on different Linux terminals. We have taken reference from an online Linux terminal.

Linux Change Password for Other User

1. The first step is to open the Linux Terminal Application.
2. You need to then log in to the root user using the ‘su’ command. Type the following command to change the password:

Ouput:

Linux Change Group Password

The password for the specified group is modified when the -g option is used. For this illustration, alter the password for class students.

There is no request for the existing group password. To delete the existing password from the specified group, use the -r option and the -g option. All members can now access the group of students. To exclude all users from the named group, use the -R and -g options.

List of Linux Commands to Operate Password

Command	Description
-a	report password status on all accounts
-d	delete the password for the named account
-e	force expire the password for the named account
-h	display this help message and exit
-k	set password inactive after expiration
-l	lock the password of the named account

What are the benefits of using secure passwords?

The need for secure passwords cannot be overstated. They safeguard your sensitive personal data by preventing illegal access to your computer accounts and gadgets. Your information will be more protected from online threats and hackers the more complicated the password.

What damage do weak passwords do?

It is practically hard to come up with and remember a complex password for every account and website on your own. But, employing weak and straightforward passwords is a surefire way to invite data leaks, account hacks, and other cyberattacks.

How Do You Create a Strong Password?

• Longer passwords are more secure.
• Passwords should be difficult to figure out.
• Avoid using popular combinations in passwords.
• For every account, you ought to use a distinct password.
• Password changes shouldn’t be made frequently.
• Special characters should be used in passwords.
• Periodically check to be sure your password hasn’t been hacked.

Several requirements must be met for a password to be considered strong. You could believe that an account is secure as long as the website recognizes it, but if you want to make a truly strong password, you must go above and beyond.

How Can Strong Passwords Be Made?

Even if you are aware of the prerequisites for creating a secure password, you might not be sure where to begin. Let’s examine various techniques for managing passwords that make it simple to generate secure passwords.

1. Using password generator:
   Using password generators to generate secure passwords is a quick and dependable option. You can choose settings for some generators, like length, special characters, and whether you want a password or passphrase, among others.

Your device and operating system may already have a built-in password generator available to you. As an alternative, most of the best password managers, including some free ones, come with a password generator.

Because they want to remember each of their passwords individually, some people are wary about utilizing a password manager. Therefore, you shouldn’t have any issues accessing your accounts on other devices as long as you utilize a service that syncs data in the cloud.

2. Use a phrase rather than a password:
   Passphrases rather than passwords are sometimes advised. A passphrase is a collection of numerous words, as opposed to a password, which can contain any combination of characters. Between the words, you can also use special characters. A safe passphrase might look like dresser-fusion-quarter-tallest, for instance.

In addition to being far more resistant to brute-force attacks due to their length, passphrases can be easier to remember than passwords. You don’t have to switch to passphrases if you’re more comfortable with traditional passwords, though, as they’re still prone to many of the same problems. If you choose to utilize passphrases, keep in mind to create a unique passphrase for each website and stay away from terms that are obvious.

3. Instead of a password, use a quote:
   You can switch to passages from books, phrases, or quotes that are more likely to stick in your mind if you have difficulties memorizing random passphrases. This method has the advantage that quotes are far more difficult to decipher than simple concepts like birthdays and pet names.

Something straightforward but easy to recall, like “quick-brown-fox-jumped-over,” should provide a high level of security. It’s true that each unique password must be created using a different quote; therefore it might not be practicable to remember your login for each account.
Use a password manager instead of putting your data in danger if you have trouble remembering passphrases or quotations. It is never worth the risk to your security to duplicate a password only to make things simpler to remember.

How Can You Safeguard Your Passwords?

Implement a Password Manager

The likelihood that someone may guess your password is reduced by a strong password. Password security won’t help you if the password is discovered, though. Never record your passwords on a piece of paper or in an unsecured digital application.

A trusted password organizer is an ideal place to keep your passwords on file. You always have access to all of your login information as long as you remember your password for the password manager itself. Furthermore, compared to the traditional method of writing down passwords on a piece of paper, password managers are far more convenient and secure.

Some password organizers enable users to save other data with their passwords, such as credit card numbers and private notes. Access to extra services like file storage and password sharing may be available to you as well. Further details are available in our ranking of the top password managers.

If you share files and information as part of your workflow, the security of that data is only as strong as your team as a whole. At the organizational level, password regulations are a good method to reduce vulnerability to cybersecurity risks.

Basic specifications like length, special characters, and uniqueness could be part of a robust password policy. Use a trustworthy organizational virtual private network (VPN) or mandate 2FA for employees’ accounts to increase security.

Put two-factor authentication to use (2FA)

Adding a second layer of security to your online accounts is simple with 2FA. You must still confirm your login attempts after configuring 2FA, even if you use the right password.

Even though it may seem tedious, it’s worth the extra time to reduce the possibility of an account breach. Modern authentication apps use biometrics like Touch ID and Face ID to protect user data. Most platforms now employ push notifications or number verifications in place of SMS codes.

Share your Passwords Safely

Password sharing should be kept to a minimum. Use a secure channel if you need to share a password with someone else. Never send a password to anyone by email or a short message service (SMS).

The same goes for entering your password in your Notes app or any other location where it could be easily discovered. Password managers encourage secure, controlled sharing and reduce the possibility that someone other than the intended receiver will access your information.

You can share an account without actually showing the other person the password thanks to password managers. As opposed to this, the recipient typically employs a customized link that instantly fills in the password without ever displaying it. The password will never be shared with anybody else, you can be sure of that.

Each password manager has its own unique rules for password sharing. If exchanging passwords with non-users is not supported by your password manager, you can use a free alternative like Privnote to communicate login information without putting it at risk.

Keep your Passwords in Mind

In the early days of the internet, remembering passwords might have been more practical, but it’s now nearly impossible. Even if you have a terrific memory, trying to remember your passwords won’t make you any safer than you would be with a secure password manager.

Most people can only remember passwords if they use a similar password for all of their accounts, which is the fundamental challenge with passwords. Never choose a password that is easier to remember just because it is simpler.

Conclusion

For user accounts, the command modifies passwords. The password for one’s own history may only be changed by a typical user; however, a superuser may change the password for any account. Moreover, this command modifies the account or linked password’s validity duration.