• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • VCS
  • Interview Questions
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

UNIX / Linux : how to force user to change their password on next login after password has reset

by admin

The Ask

How to require a user to change their password the next time they login? User must be force to change the password for the first time only after the password has been reset.

1. Using chage command

This can be done using the chage command with -d option. As per man page of chage :

# man chage
....
-d, --lastday LAST_DAY
    Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area). If the LAST_DAY is set to 0 the user is forced to change his password on the next log on.
...

To set the user’s date of last password change to 0 use the command below :

# chage -d 0 [username]

For example to set user’s (testuser) date of last password change to 0 with chage command :

# chage -d 0 testuser

2. Using passwd command

Another way to force user for password change is to use the command passwd with -e option. The -e option expires the current user password forcing user to set a new one on next login. From the man page of passwd command :

-e     This is a quick way to expire a password for an account. The user will be forced to change the password during the next login  attempt. Available  to  root only.

To expire the current password and force user to set a new password use the below command:

# passwd -e [username]

If the user does not remember their old password, give them a temporary password with passwd before running the above command.

Verify

The next time the user authenticates (with their old password), they will be forced to enter a new password.

# ssh testuser@localhost
testuser@localhost's password: 
You are required to change your password immediately (root enforced)
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for user testuser.
Changing password for testuser.
(current) UNIX password: 
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.
Connection to localhost closed.

To verify if the current password has expired or not use the command chage.

# chage -l [username]

Filed Under: Linux

Some more articles you might also be interested in …

  1. apt-get Command Examples in Linux
  2. strip: command not found
  3. diff: command not found
  4. abbr Command Examples in fish-shell
  5. ss Command Examples in Linux
  6. How to disable firewalld and and switch to iptables in CentOS / RHEL 7
  7. UNIX / Linux : How to delete root equivalent user (Non-Root User with UID 0)
  8. How to make alias command work in bash script or bashrc file
  9. How to uninstall cmake package from Ubuntu
  10. grub-mkconfig Command Options

You May Also Like

Primary Sidebar

Recent Posts

  • aws ec2: CLI for AWS EC2 (Command Examples)
  • aws cur – Create, query, and delete AWS usage report definitions (Command Examples)
  • aws configure – Manage configuration for the AWS CLI (Command Examples)
  • aws cognito-idp: Manage Amazon Cognito user pool and its users and groups using the CLI

© 2023 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright