passwd man page on Scientific

Man page or keyword search:  
man Server   26626 pages
apropos Keyword Search (all sections)
Output format
Scientific logo
[printable version]

PASSWD(1)			User utilities			     PASSWD(1)

       passwd - update user's authentication tokens

       passwd  [-k]  [-l]  [-u	[-f]]  [-d] [-e] [-n mindays] [-x maxdays] [-w
       warndays] [-i inactivedays] [-S] [--stdin] [username]

       The passwd utility is used to update user's authentication token(s).

       This task is achieved through calls to the Linux-PAM and	 Libuser  API.
       Essentially, it initializes itself as a "passwd" service with Linux-PAM
       and utilizes configured	password  modules  to  authenticate  and  then
       update a user's password.

       A simple entry in the global Linux-PAM configuration file for this ser‐
       vice would be:

	# passwd service entry that does strength checking of
	# a proposed password before updating it.
	passwd password requisite retry=3
	passwd password required use_authtok

       Note, other module types are not required for this application to func‐
       tion correctly.

       -k     The  option  -k, is used to indicate that the update should only
	      be for  expired  authentication  tokens  (passwords);  the  user
	      wishes to keep their non-expired tokens as before.

       -l     This  option  is	used  to  lock the specified account and it is
	      available to root only. The locking is  performed	 by  rendering
	      the  encrypted password into an invalid string (by prefixing the
	      encrypted string with an !).

	      This option is used to indicate that passwd should read the  new
	      password from standard input, which can be a pipe.

       -u     This  is	the  reverse  of  the  -l  option - it will unlock the
	      account password by removing the ! prefix. This option is avail‐
	      able  to	root  only.  By default passwd will refuse to create a
	      passwordless account (it will not unlock	an  account  that  has
	      only  "!" as a password). The force option -f will override this

       -d     This is a quick way to delete a password for an account. It will
	      set the named account passwordless. Available to root only.

       -e     This  is	a  quick  way to expire a password for an account. The
	      user will be forced to change the password during the next login
	      attempt.	Available to root only.

       -n     This  will  set  the  minimum password lifetime, in days, if the
	      user's account supports password lifetimes.  Available  to  root

       -x     This  will  set  the  maximum password lifetime, in days, if the
	      user's account supports password lifetimes.  Available  to  root

       -w     This  will set the number of days in advance the user will begin
	      receiving warnings that her password will expire, if the	user's
	      account supports password lifetimes.  Available to root only.

       -i     This  will  set  the  number  of	days which will pass before an
	      expired password for this account will be taken to mean that the
	      account  is  inactive  and  should  be  disabled,	 if the user's
	      account supports password lifetimes.  Available to root only.

       -S     This will output a short information about  the  status  of  the
	      password for a given account. Available to root user only.

Remember the following two principles
       Protect your password.
	      Don't  write  down  your password - memorize it.	In particular,
	      don't write it down and leave it anywhere, and don't place it in
	      an  unencrypted  file!  Use unrelated passwords for systems con‐
	      trolled by different organizations.  Don't give  or  share  your
	      password,	 in particular to someone claiming to be from computer
	      support or a vendor.  Don't let  anyone  watch  you  enter  your
	      password.	  Don't	 enter	your  password to a computer you don't
	      trust or if things Use the  password  for	 a  limited  time  and
	      change it periodically.

       Choose a hard-to-guess password.
	      passwd through the calls to the pam_cracklib PAM module will try
	      to prevent you from choosing a really bad password, but it isn't
	      foolproof;  create  your	password  wisely.  Don't use something
	      you'd find in a dictionary (in any language or  jargon).	 Don't
	      use a name (including that of a spouse, parent, child, pet, fan‐
	      tasy character, famous person, and location) or any variation of
	      your personal or account name.  Don't use accessible information
	      about you (such as your phone number, license plate,  or	social
	      security number) or your environment.  Don't use a birthday or a
	      simple pattern (such as backwards, followed by a digit, or  pre‐
	      ceded by a digit. Instead, use a mixture of upper and lower case
	      letters, as well as digits or punctuation.  When choosing a  new
	      password, make sure it's unrelated to any previous password. Use
	      long passwords (say at least 8 characters long).	You might  use
	      a	 word  pair with punctuation inserted, a passphrase (an under‐
	      standable sequence of words), or the first letter of  each  word
	      in a passphrase.

       These  principles are partially enforced by the system, but only partly
       so.  Vigilence on your part will make the system much more secure.

       On successful completion of its task, passwd will  complete  with  exit
       code 0.	An exit code of 1 indicates an error occurred.	Textual errors
       are written to the standard error stream.

       Linux-PAM (Pluggable Authentication modules for Linux).

       /etc/pam.d/passwd - the Linux-PAM configuration file

       None known.

       pam(8), pam.d(5), libuser.conf(5), and pam_chauthtok(3).

       For more complete information on how to configure this application with
       Linux-PAM, see the Linux-PAM System Administrators' Guide.

       Cristian Gafton <>

GNU/Linux			  Jan 26 2012			     PASSWD(1)

List of man pages available for Scientific

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
Vote for polarhome
Free Shell Accounts :: the biggest list on the net