In our last article, we’ve explained you how to change user password expiry information in Linux, where we looked at different examples of the chage command. In this article, we will elaborate on how to forcefully make a user to change his/her password at the next login in Linux.
Read Also: 3 Ways to Change a Users Default Shell in Linux
Note that if you have just created a user account with a default password, you can also use this trick to force that user to change their password upon the first login.
There are two possible ways to achieve this, as described in detail, below.
Using passwd Command
To force a user to change his/her password, first of all the password must have expired and to cause a user’s password to expire, you can use the passwd command, which is used to change a user’s password by specifying the -e or --expire switch along with username as shown.
# passwd --expire ravi
Next verify the user ravi’s password expiration and aging information with the chage command as shown.
# chage -l ravi
After running the passwd command above, you can see from the output of the chage command that the user’s password must be changed. Once the user ravi tries to login next time, he will be prompted to change his password before he can access a shell as shown in the following screen shot.
Using chage Command
Alternatively, you can use the chage command, with the -d or --lastday option which sets the number of days since January 1st, 1970 when the password was last changed.
Now to set the password expiry of user, run the following command by specifying the day to zero (0), means that the password has not been changed since the above date (i.e. January 1st, 1970), so the password has literally expired and needs to be changed immediately before the user can access the system again.
# chage --lastday 0 ravi OR # chage --lastday 1970-01-01 ravi
Next check the user ravi’s password expiration and aging information with the chage command using -l option as shown.
# chage -l ravi
Here are some additional user management guides for you.
- 11 Ways to Find User Account Info and Login Details in Linux
- How to Delete User Accounts with Home Directory in Linux
Conclusion
It is always recommended to remind users to change their account passwords regularly for security reasons. In this article, we have explained two ways to force users to change their password in the next login. You can ask any questions via the comment form below.
How do you set this for all users on the server…
It is very useful, thanks a lot.
What if there are many users, and we need to expires their passwords?
Thanks in advance
Hello Team,
if there is a way to make the password set by system security admin or root role permanent so that no change is required at first login.
The command
# chage -d 0 user-namewill also force user to change his password in next login.@Irfan
Many thanks for sharing, we will cross check.
Awesome post, really liked and useful tip..
@Carlo
Good to know that you found this post useful. Thanks for the feedback.