How to Manage Your User Password from the Terminal in Linux

Manage Passwords Linux Command Line

Like with so many things in the Linux world, passwords are most easily managed directly from the command line. The passwd utility was designed to allow you quick and easy access to all of the password-related commands on your system. You can use it to change and manage your own password as well as the passwords of other users on your system. You can also use it to disable password authentication for a user, lock a user’s account, and set mandatory expiration dates, all to keep your system secure.

Let’s take a look at the passwd utility and how you can use it to manage your password in Linux.

Change Your Password

Chang your password passwd

First, the easiest thing you can do with the passwd utility is change your own password. Just use the passwd command with nothing else.


It’ll ask you to supply your current password followed by your new one.

Change Someone Else’s Password

Change a user's password passwd

With root privileges or sudo, you can change someone else’s password, too. Just give passwd the account username for the password you want to change.

sudo passwd username

This time it won’t ask for their current password. It will only ask for you to set a new one.

Locking a Password

You can just as easily lock a user’s account by locking their password. This will make them unable to sign in using a password. Other methods, like SSH keys, will still work. In order to lock an account, you’ll need sudo and the -l flag.

sudo passwd -l username

You can unlock an account, too, with the -u flag.

sudo passwd -u username

Locking Root

If, for security reasons, you want to lock all access to the root account, leaving sudo the only way to manage the system, you can do that, too.

sudo passwd -l root

It works the same as with any other user.

Using an Empty Password

You can also choose to set a user with an empty password. This is a really bad idea for security, but it can save you a lot of hassle on things like multimedia PCs that you don’t necessarily need to secure that way. Once again, passwd has a simple flag to remove a user’s password, making it blank.

sudo passwd -d username

Password Expiration

It’s fairly common to set passwords to expire every so often. It’s a good security measure that prevents stale user passwords from compromising a system. If you’re running a system in a business situation, it’s hard to control what your customers use as their passwords and whether they get compromised. Forcing them to change their password after a set time frame will force your users to keep fresh passwords and reduce the risk of a breach.

Set Password expiration length

Use the -x flag followed by the number of days you want the user’s password to be valid.

sudo passwd -x 30 username

That will set the user’s password to expire after thirty days.

Remind the user about password expiration

You can also set up a system to warn the user that their password will expire soon. Use the -w flag with the amount of days before expiration to automatically warn the user to change their password.

sudo passwd -w 5 username

If you know there has already been an issue with a user’s password, you can automatically make their password expire. This will force them to set a new one immediately.

sudo passwd -e username

That’s all you really need to get started with passwd. If you’d like to see more of what it can do, check out the utility’s man page.

man passwd

It’ll tell you everything that you can do with passwd. Passwd is an invaluable tool for Linux administrators. Even if you’re not running a big business server, you can still take advantage of passwd to keep your desktop more secure.

Nick Congleton
Nick Congleton

Nick is a freelance tech. journalist, Linux enthusiast, and a long time PC gamer.

Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox