password
NAME
password, passwd - change password
SYNOPSIS
password
[ -o ]
[ -q ]
[ -v ]
[ name [ password ]]
password -f
[ arguments to chfn ]
password -s
[ arguments to chsh ]
DESCRIPTION
Without arguments
password
will change the password for the current user. First the user is asked for
the old password, then prompted twice for the new password in order to
catch typing errors.
The one and two argument forms may only be used by the superuser. Using the
one argument form, the superuser may change the password for that
user.
The superuser is not asked for the users old password, but the rules
for proper passwords are also applied unless the
-o
option is used. The superuser may have legitimate
reasons to choose a non-conformant password.
The two argument form gives the
user the password
stated as the second argument. This may be useful when giving many
users an initial generated password. But it can also be extremely
dangerous. A simple script bug might change to root password to
something unknown.
Giving an empty string as the second argument erases the password for the
user, but only in combination with the
-o
option.
Password changes may get logged using the
syslog(3)
facility, depending on compile-time defines (on by default).
If so, every change will
be logged at a low level as auth.notice, except for changing the root
password with will be logged with auth.warning.
OPTIONS
- -f, --fullname
-
Change the user's full name (the GECOS field of the passwd entry).
Invokes /usr/bin/chfn with the non-option command line arguments.
- -o, --force
-
Turn off simplicity checks on the new password. This option may only
be used by the super user. This is intend to allow simple initial
passwords given by the superuser.
- -s, --shell
-
Change the user's shell by invoking /usr/bin/chsh with the non-option
command line arguments.
- -q, --quiet, --silent
-
In this mode passwd won't tell that the passwd get's changed.
- -v, -V, --version
-
Prints version information and exits.
PASSWORD RULES
The new password must fulfill these rules:
- o
-
be at least six characters long;
- o
-
must not be equal to the old password;
- o
-
must contain characters out of at least two of the following classes:
upper and lower case letters, digits and non alphanumeric characters;
- o
-
must not match neither the username nor any word of the realname,
neither in normal nor in reverse order, neither at the beginning nor
at the end.
BUGS
If you change your mind there is no escaping from this program.
It will insist on a new password until killed from another terminal.
(This is caused by a bug in getpass(3): it ignores signals.)
FILES
- /etc/passwd
-
The password file.
SEE ALSO
chsh(1),
chfn(1),
syslog(3),
syslog.conf(5),
passwd(8).
AUTHOR
Peter Orbaek (poe@daimi.aau.dk).
Martin Schulze (joey@infodrom.north.de) with extensive rewriting and
improving done.
MAINTAINER
Nicolai Langfeldt (janl@math.uio.no)