≡ Menu

Linux: Force Users To Change Their Passwords Upon First Login

How can I force my Linux users to change their passwords upon the first login under a CentOS / Debian Linux? How do I make sure user must change password at next logon on Linux server?

You can use any one of the following command to change user passwords upon the first login:

Tutorial details
DifficultyEasy (rss)
Root privilegesYes
Estimated completion time1m
[a] usermod command - Modify various user account properties including user password expiry information.

[b] chage command - Change user password expiry information

Task: Use chage command to force users to chage their password upon first login

Use the following syntax to force a user to change their password at next logon on a Linux:

# chage -d 0 {user-name}
In this example, force tom to change his passsword at next logon, enter:
# chage -d 0 tom

  • -d 0 : Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in the format YYYY-MM-DD. By setting it to zero, you are going to force user to change password upon first login.
Further readings:
Tweet itFacebook itGoogle+ itPDF itFound an error/typo on this page?

{ 9 comments… add one }

  • Cyril September 11, 2008, 10:47 am

    Very useful tip!
    I’ll use it.

  • Grobsch September 11, 2008, 6:36 pm

    Excellent tip for livecds… Thanks!!

  • Freddy February 20, 2009, 12:12 pm

    Great …….. Very Useful

  • RRRolle July 9, 2010, 6:31 am

    Task: Use chage command to force users to chage their password upon first login

    Use the following syntax:
    chage -d 0 {user-name}
    # chage -d 0 tom

    Hello out there! Must be something wrong with the spelling (chage)??

    • Joey October 26, 2010, 5:39 pm

      RRRolle, there is nothing wrong with the spelling. ‘chage’ is correct. You are changing the aging attributes of the account — when the password expires, how long between required password changes, etc. chage -l will give this information:

      # chage -l nagios
      Last password change : Sep 17, 2010
      Password expires : Nov 16, 2010
      Password inactive : never
      Account expires : never
      Minimum number of days between password change : 1
      Maximum number of days between password change : 60
      Number of days of warning before password expires : 7

  • Senmic August 21, 2012, 9:13 am

    I am a new Linux user and I created users and set their password to expire and force them to change password on their first log in, I tried on one user ,it prompted me to enter current password and when i typed current password the screen usually sleeps. Can anyone advise?

  • john October 25, 2013, 7:21 am

    very useful tip, thanks alot

  • Benny Helms October 30, 2013, 8:57 pm

    One method that is easier than doing the math required by the above solutions is:
    passwd -e username

    This forces an immediate expiration, and forces a password change on the next login. I use it each time I create a user.

    Hope this helps!

  • Haley July 15, 2015, 9:34 pm

    Hey, is there a way to configure this so that the operating system does it automatically so an admin doesn’t have to go through all the users and run these commands?

Leave a Comment