Linux: Force Users To Change Their Passwords Upon First Login

How can I force my Linux users to change their passwords upon the first login under a CentOS / Debian Linux? How do I make sure user must change password at next logon on Linux server?

You can use any one of the following command to change user passwords upon the first login:


Tutorial details
DifficultyEasy (rss)
Root privilegesYes
[/donotprint][a] usermod command – Modify various user account properties including user password expiry information.

[b] chage command – Change user password expiry information

Task: Use chage command to force users to chage their password upon first login

Use the following syntax to force a user to change their password at next logon on a Linux:

# chage -d 0 {user-name}
In this example, force tom to change his passsword at next logon, enter:
# chage -d 0 tom

  • -d 0 : Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in the format YYYY-MM-DD. By setting it to zero, you are going to force user to change password upon first login.
Further readings:
  • man pages – chage(8)
🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source/DevOps topics:
CategoryList of Unix and Linux commands
File Managementcat
Network Utilitiesdig host ip nmap
Package Managerapk apt
Processes Managementbg chroot disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w

13 comments… add one
  • Cyril Sep 11, 2008 @ 10:47

    Very useful tip!
    I’ll use it.

  • Grobsch Sep 11, 2008 @ 18:36

    Excellent tip for livecds… Thanks!!

  • Freddy Feb 20, 2009 @ 12:12

    Great …….. Very Useful

  • RRRolle Jul 9, 2010 @ 6:31

    Task: Use chage command to force users to chage their password upon first login

    Use the following syntax:
    chage -d 0 {user-name}
    # chage -d 0 tom

    Hello out there! Must be something wrong with the spelling (chage)??

    • Joey Oct 26, 2010 @ 17:39

      RRRolle, there is nothing wrong with the spelling. ‘chage’ is correct. You are changing the aging attributes of the account — when the password expires, how long between required password changes, etc. chage -l will give this information:

      # chage -l nagios
      Last password change : Sep 17, 2010
      Password expires : Nov 16, 2010
      Password inactive : never
      Account expires : never
      Minimum number of days between password change : 1
      Maximum number of days between password change : 60
      Number of days of warning before password expires : 7

  • Senmic Aug 21, 2012 @ 9:13

    I am a new Linux user and I created users and set their password to expire and force them to change password on their first log in, I tried on one user ,it prompted me to enter current password and when i typed current password the screen usually sleeps. Can anyone advise?

  • john Oct 25, 2013 @ 7:21

    very useful tip, thanks alot

  • Benny Helms Oct 30, 2013 @ 20:57

    One method that is easier than doing the math required by the above solutions is:
    passwd -e username

    This forces an immediate expiration, and forces a password change on the next login. I use it each time I create a user.

    Hope this helps!

  • Haley Jul 15, 2015 @ 21:34

    Hey, is there a way to configure this so that the operating system does it automatically so an admin doesn’t have to go through all the users and run these commands?

  • Simran Kaur Oct 7, 2015 @ 1:41

    useful answer :)

  • ruel Dec 20, 2015 @ 2:26

    I forgot my password

  • papali May 5, 2016 @ 15:28

    Very useful

  • Thy Ly Jan 16, 2017 @ 8:40

    Hello Everyone!

    How to Force samba Users To Change Their Passwords Upon First Login.

    Thank you!
    Thy Ly

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.