password

NAME

password, passwd - change password

SYNOPSIS

password [ -o ] [ -q ] [ -v ] [ name [ password ]]
password -f [ arguments to chfn ]
password -s [ arguments to chsh ]

DESCRIPTION

Without arguments password will change the password for the current user. First the user is asked for the old password, then prompted twice for the new password in order to catch typing errors.

The one and two argument forms may only be used by the superuser. Using the one argument form, the superuser may change the password for that user. The superuser is not asked for the users old password, but the rules for proper passwords are also applied unless the -o option is used. The superuser may have legitimate reasons to choose a non-conformant password.

The two argument form gives the user the password stated as the second argument. This may be useful when giving many users an initial generated password. But it can also be extremely dangerous. A simple script bug might change to root password to something unknown.

Giving an empty string as the second argument erases the password for the user, but only in combination with the -o option.

Password changes may get logged using the syslog(3) facility, depending on compile-time defines (on by default). If so, every change will be logged at a low level as auth.notice, except for changing the root password with will be logged with auth.warning.

 

OPTIONS

-f, --fullname
Change the user's full name (the GECOS field of the passwd entry). Invokes /usr/bin/chfn with the non-option command line arguments.
-o, --force
Turn off simplicity checks on the new password. This option may only be used by the super user. This is intend to allow simple initial passwords given by the superuser.
-s, --shell
Change the user's shell by invoking /usr/bin/chsh with the non-option command line arguments.
-q, --quiet, --silent
In this mode passwd won't tell that the passwd get's changed.
-v, -V, --version
Prints version information and exits.

 

PASSWORD RULES

The new password must fulfill these rules:
o
be at least six characters long;

o
must not be equal to the old password;

o
must contain characters out of at least two of the following classes: upper and lower case letters, digits and non alphanumeric characters;

o
must not match neither the username nor any word of the realname, neither in normal nor in reverse order, neither at the beginning nor at the end.
 

BUGS

If you change your mind there is no escaping from this program. It will insist on a new password until killed from another terminal. (This is caused by a bug in getpass(3): it ignores signals.)  

FILES

/etc/passwd
The password file.
 

SEE ALSO

chsh(1), chfn(1), syslog(3), syslog.conf(5), passwd(8).  

AUTHOR

Peter Orbaek (poe@daimi.aau.dk).
Martin Schulze (joey@infodrom.north.de) with extensive rewriting and improving done.
 

MAINTAINER

Nicolai Langfeldt (janl@math.uio.no)