Linux: Force Users To Change Their Passwords Upon First Login

last updated November 4, 2014 in CentOS, Debian / Ubuntu, Fedora Linux, Linux, RedHat and Friends, Suse, Ubuntu Linux, User Management

How can I force my Linux users to change their passwords upon the first login under a CentOS / Debian Linux? How do I make sure user must change password at next logon on Linux server?

You can use any one of the following command to change user passwords upon the first login:

[a] usermod command – Modify various user account properties including user password expiry information.
Where,

[b] chage command – Change user password expiry information

Task: Use chage command to force users to chage their password upon first login

Use the following syntax to force a user to change their password at next logon on a Linux:

# chage -d 0 {user-name}
In this example, force tom to change his passsword at next logon, enter:
# chage -d 0 tom

-d 0 : Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in the format YYYY-MM-DD. By setting it to zero, you are going to force user to change password upon first login.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

13 comment

Cyril says:
September 11, 2008 at 10:47 am
Very useful tip!
I’ll use it.
Grobsch says:
September 11, 2008 at 6:36 pm
Excellent tip for livecds… Thanks!!
Freddy says:
February 20, 2009 at 12:12 pm
Great …….. Very Useful
RRRolle says:
July 9, 2010 at 6:31 am
Task: Use chage command to force users to chage their password upon first login
Use the following syntax:
chage -d 0 {user-name}
# chage -d 0 tom
Hello out there! Must be something wrong with the spelling (chage)??
1. Joey says:
  October 26, 2010 at 5:39 pm
  RRRolle, there is nothing wrong with the spelling. ‘chage’ is correct. You are changing the aging attributes of the account — when the password expires, how long between required password changes, etc. chage -l will give this information:
  # chage -l nagios
  Last password change : Sep 17, 2010
  Password expires : Nov 16, 2010
  Password inactive : never
  Account expires : never
  Minimum number of days between password change : 1
  Maximum number of days between password change : 60
  Number of days of warning before password expires : 7
Senmic says:
August 21, 2012 at 9:13 am
Hi,
I am a new Linux user and I created users and set their password to expire and force them to change password on their first log in, I tried on one user ,it prompted me to enter current password and when i typed current password the screen usually sleeps. Can anyone advise?
john says:
October 25, 2013 at 7:21 am
very useful tip, thanks alot
Benny Helms says:
October 30, 2013 at 8:57 pm
One method that is easier than doing the math required by the above solutions is:
passwd -e username
This forces an immediate expiration, and forces a password change on the next login. I use it each time I create a user.
Hope this helps!
Haley says:
July 15, 2015 at 9:34 pm
Hey, is there a way to configure this so that the operating system does it automatically so an admin doesn’t have to go through all the users and run these commands?
Simran Kaur says:
October 7, 2015 at 1:41 am
useful answer :)
Thanks
ruel says:
December 20, 2015 at 2:26 am
I forgot my password
papali says:
May 5, 2016 at 3:28 pm
Very useful
Gracias!
Thy Ly says:
January 16, 2017 at 8:40 am
Hello Everyone!
How to Force samba Users To Change Their Passwords Upon First Login.
Thank you!
Thy Ly

Have a question? Post it on our forum!

Tagged as: account password, chage command, usermod command, Easy

Task: Use chage command to force users to chage their password upon first login

Further readings:

Posted by: Vivek Gite

13 comment