Shulou(Shulou.com)06/01 Report--

This article mainly introduces "how to force users to change their passwords the next time they log on to Linux". In daily operation, I believe many people have doubts about how to force users to change their passwords the next time they log on to Linux. Xiaobian consulted all kinds of materials and sorted out simple and easy-to-use methods of operation. I hope it will be helpful to answer the doubts of "how to force users to change their passwords the next time they log on to Linux." Next, please follow the editor to study!

When you create a user with the default password, you must force the user to change the password the next time you log in.

This option is mandatory when you are working in an organization. Because older employees may know the default password, they may or may not try improper behavior.

This is one of the safety complaints, so make sure you deal with it in the right way without any mistakes. Even your team members should do the same.

Most users are lazy and won't do so unless you force them to change their passwords. So it is necessary to do this practice.

For security reasons, you need to change your password frequently, or at least once a month.

Make sure you use passwords that are hard to guess (a combination of uppercase and lowercase letters, numbers and special characters). It should be at least 10-15 characters.

We ran a shell script to create a user account in the Linux server, which automatically appends a password to the user, which is a combination of the actual user name and a small number.

We can do this in two ways:

Passwd command

Chage command

Recommended reading:

How to check the group to which a user belongs on Linux

How to check the date the user was created on Linux

How to reset / change a user's password in Linux

How to use passwd commands to manage password expiration and aging

Method 1: use the passwd command

Passwd means "password". It is used to update the user's authentication token. The passwd command / utility is used to set, modify, or change a user's password.

The average user can only change his or her account, but the super user can change the password of any account.

In addition, we can use other options to allow users to perform other activities, such as deleting user passwords, locking or unlocking user accounts, setting password expiration times for user accounts, and so on.

In Linux, this can be done by calling Linux-PAM and Libuser API.

When you create a user in Linux, the user details are stored in the / etc/passwd file. The passwd file saves the details of each user as a single line with seven fields.

In addition, the following four files are updated when a new user is created in the Linux system.

/ etc/passwd: user details will be updated in this file.

/ etc/shadow: the user password information will be updated in this file.

/ etc/group: the group details of the new user will be updated in this file.

/ etc/gshadow: the group password information for new users will be updated in this file.

How to use the passwd command to do this

We can use the passwd command and add the-e option to do this.

To test this, let's create a new user account and see how it works.

# useradd-c "2g Admin-Magesh M" magesh & & passwd mageshChanging password for user magesh.New password:Retype new password:passwd: all authentication tokens updated successfully.

Invalidate the password of the user account, and the user will be forced to change the password during the next login attempt.

# passwd-e mageshExpiring password for user magesh.passwd: Success

When I tried to log in to the system using this user for * times, it asked me to set a new password.

Login as: magesh [email protected]'s password:You are required to change your password immediately (root enforced) WARNING: Your password has expired.You must change your password now and login changing password for user magesh.Changing password for magesh. (current) UNIX password:New password:Retype new password:passwd: all authentication tokens updated successfully.Connection to localhost closed. Method 2: use the chage command

Chage means "change time". It changes the user's password expiration information.

The chage command changes the number of days that the password needs to be changed since the last password change date. The system uses this information to determine when the user must change his / her password.

It allows users to perform other activities, such as setting account expiration dates, setting passwords to expire after expiration, displaying account expiration information, setting the minimum and * days before password changes, and setting expiration warning days.

How to use the chage command to do this

Let's do this with the help of the chage command by adding the-d option.

To test this, let's create a new user account and see how it works. We will create a user account named thanu.

# useradd-c "2g Editor-Thanisha M" thanu & & passwd thanuChanging password for user thanu.New password:Retype new password:passwd: all authentication tokens updated successfully.

To achieve this, use the chage command to set the user's last password change date to 0.

# chage-d 0 thanu # chage-l thanuLast password change: Jul 18, 2018Password expires: neverPassword inactive: neverAccount expires: neverMinimum number of days between password change: 0Maximum number of days between password change: 99999Number of days of warning before password expires: 7

When I tried to log in to the system using this user for * times, it asked me to set a new password.

Login as: thanu [email protected]'s password:You are required to change your password immediately (root enforced) WARNING: Your password has expired.You must change your password now and login changing password for user thanu.Changing password for thanu. (current) UNIX password:New password:Retype new password:passwd: all authentication tokens updated successfully.Connection to localhost closed. At this point, the study on "how to force users to change their passwords the next time they log in to Linux" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.