Linux: Force Users To Change Their Passwords Upon First Login

last updated in Categories , , , , , , ,

How can I force my Linux users to change their passwords upon the first login under a CentOS / Debian Linux? How do I make sure user must change password at next logon on Linux server?

You can use any one of the following command to change user passwords upon the first login:

Advertisements

[donotprint][/donotprint][a] usermod command – Modify various user account properties including user password expiry information.
Where,

[b] chage command – Change user password expiry information

Task: Use chage command to force users to chage their password upon first login

Use the following syntax to force a user to change their password at next logon on a Linux:

# chage -d 0 {user-name}
In this example, force tom to change his passsword at next logon, enter:
# chage -d 0 tom

  • -d 0 : Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in the format YYYY-MM-DD. By setting it to zero, you are going to force user to change password upon first login.
Further readings:
  • man pages – chage(8)

ADVERTISEMENTS

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

13 comment

  1. Task: Use chage command to force users to chage their password upon first login

    Use the following syntax:
    chage -d 0 {user-name}
    # chage -d 0 tom

    Hello out there! Must be something wrong with the spelling (chage)??

    1. RRRolle, there is nothing wrong with the spelling. ‘chage’ is correct. You are changing the aging attributes of the account — when the password expires, how long between required password changes, etc. chage -l will give this information:

      # chage -l nagios
      Last password change : Sep 17, 2010
      Password expires : Nov 16, 2010
      Password inactive : never
      Account expires : never
      Minimum number of days between password change : 1
      Maximum number of days between password change : 60
      Number of days of warning before password expires : 7

  2. Hi,
    I am a new Linux user and I created users and set their password to expire and force them to change password on their first log in, I tried on one user ,it prompted me to enter current password and when i typed current password the screen usually sleeps. Can anyone advise?

  3. One method that is easier than doing the math required by the above solutions is:
    passwd -e username

    This forces an immediate expiration, and forces a password change on the next login. I use it each time I create a user.

    Hope this helps!

  4. Hey, is there a way to configure this so that the operating system does it automatically so an admin doesn’t have to go through all the users and run these commands?

    Still, have a question? Get help on our forum!