Locally or remotely for extra security
Without a secure password, your data is vulnerable. Easy to guess or previously leaked passwords make a hacker’s job easy—after all, it isn’t hard to breach a user account if “password123” is your password. That’s why it’s important to change your password regularly, even on a more secure operating system like Linux.
Thankfully, it’s an easy process to change your password in Linux. You can change your password (or other user’s passwords) from the terminal locally or remotely, or set expiration dates to force other users to change it themselves when they next sign in. Here’s what you’ll need to do to change a user password in any Linux distribution.
Why You Should Change Your Linux Password Regularly
While a Linux-based operating system offers greater security than a typical Windows installation, that doesn’t mean it’s infallible to hackers. One of the easiest ways for someone to breach your PC is through lax security, with easy-to-crack passwords at the top of the list.
Unfortunately, you should also expect that time is against you. Many of us use the same passwords for multiple accounts. If your email password is compromised, for instance, and you use the same password to sign into your Linux PC, then you’re putting your PC (and all of your saved data) at risk.
That’s why it’s important to consider changing all your passwords in Linux on a regular basis, including your account passwords on Linux. A good password consists of a number of letters (both upper and lower case), numbers, and special characters. It also requires the password to be of suitable length (at least 8 characters, if not more).
If you’re struggling to come up with a password you can remember, you can use a password manager to help you generate and remember it. You won’t be able to use this to fill out the login screen, but if you’re using a password manager like KeePass, you can quickly recall the password using the mobile app.
However, it’s probably best (and easiest) to create a password that you can remember. Dictionary words are off the menu for this one, but where possible, you should attempt to create a memorable password that no-one else could possibly know using the steps we’ve outlined above.
How to Change Your Password in Linux
While you should be able to change passwords using your distro’s desktop environment, those steps will vary significantly. If you’re using a headless version of Linux (without a GUI), you won’t be able to use a GUI to change your password at all.
That’s why the best and fastest way to change your password in Linux is to use the terminal, regardless of the Linux distribution you’re using.
- Open a new terminal window or make a remote SSH connection to your Linux PC or server. If you’re connecting remotely, you’ll need to type in your existing password to authenticate if you haven’t already.
- Once you’ve signed in (either remotely or locally), type passwd to begin the process of changing your password. The passwd command is common to almost all Unix-based operating systems, including Linux and macOS.
- To change your Linux password using passwd, type in your existing password first, then confirm your new password by entering it twice, selecting Enter to move to each new line. You won’t be able to see your input, so if you make a mistake during the typing process, select the Enter key on your keyboard at any point. This will cause passwd to fail, as it won’t be able to match the new passwords or authenticate using the previous one.
- If the process is successful, passwd will return a success message in the terminal. If it isn’t (for example, if you mistyped your password), you’ll need to repeat the process.
Changing Other User Account Passwords in Linux
If you have superuser or root access on your Linux PC or server (for instance, if you’re a system administrator), you can change the passwords of other local users. You may want to do this if someone has forgotten their password, for instance.
- To do this, open a terminal window locally or connect remotely using SSH. Once the terminal or connection is open, type su or sudo su to switch to the root user account. You’ll need to provide the correct root user password to be able to do this.
- Once you’ve switched to root using sudo su or su, you can begin to change another user’s password. To do this, type passwd user, replacing user with the username of the account you wish to change. If you’re unsure what the username is, type cat /etc/passwd instead. The first word in each line (for example, ubuntu) is a username on your PC.
- You’ll need to type in the new password twice, selecting the Enter key after each line.
- If you type the passwords correctly, passwd will return a success message. If you type the passwords incorrectly (eg. if the new passwords don’t match), you’ll need to repeat these steps to successfully change it.
How to Change the Root Password in Linux using Sudo
To help protect your system, many Linux distributions restrict normal user accounts by hiding certain access behind the root (superuser) account. When you elevate your terminal using commands like sudo su or su to grant root access, you’ll need to type the correct root password.
- To change the root password, you’ll need to open a terminal window or connect remotely using SSH. In the terminal, type sudo su or su to switch to the superuser account, then select the Enter key on your keyboard.
- With root access, type passwd and select the Enter key. You’ll need to provide a new password twice, selecting Enter after each line.
- If the command is successful, passwd will output a success message in the terminal. If it fails, you’ll need to repeat these steps to complete the process.
Setting a Password Expiry Date in Linux
By setting a built-in expiry date for passwords on your Linux PC, you don’t need to worry about manually running the passwd command on a regular basis. When the password expires, your PC will instruct you to change your password automatically.
- To set a password expiry date in Linux, open a terminal window or connect remotely using SSH. In the terminal, type chage -M 100 user and select the Enter key, replacing 100 with the number of days before the next expiration and user with your username. If you want to set expiration dates for other user accounts, type sudo chage -M 100 user instead, replacing the placeholder details with your own.
- With the details set, you can check the expiration date by typing chage -l user and selecting Enter, replacing user with the username you wish to check.
Securing a Linux System
Linux is well known as one of the most secure operating systems available, but without a secure password in place, you’re leaving your PC vulnerable to attack. There are other ways you can secure your system further, such as maintaining a secure local network and scanning your files for viruses that could infect other PCs.
You could also think about using a secure web browser to stay safe online, especially if you consider using a VPN to mask your IP address. Making efforts to protect your online privacy and security won’t stop hacking attempts, but it will add another layer of defense against it.