I have a lot of users in my Linux servers. Security is important for me. I know that one of the important security measure is passwords. The length, complexity, change period etc. How can I force user to change password in first login? We will use
change command to force user change password in the first login.
Check Current Status
We will check current user password status with
chage command like below. We will provide the
-l option which will list current password policy and related information about given user name. We will list the user name
ismail password policy in this example.
$chage -l ismail
- `Last password change` will provide when the password is changed last time
- `Password Expires` will list when the password will expire
- `Account Expires` will list when the account will be expire
- `Maximum number of days between password change` will list gap between password change
- `Number of days of warning before password expires` will list when the warning to change password will be displayed before password change time.
Force User Password Change in The First Login
If we do not provide some time to the user for the password change we can force the user. In order to force the user we will use
-d option by providing the time for change password. We will provide 0 day which will force the user to change password.
$ chage -d 0 ismail
- chage is the command used to change password policy
- -d 0 specifies password must change in 0 days which is first login
- test2 is our user the password policy will be applied
Check The Status Again
We will check if force password change implemented
$ chage -l ismail Last password change : password must be changed Password expires : password must be changed Password inactive : password must be changed Account expires : never Minimum number of days between password change : 0 Maximum number of days between password change : 99999 Number of days of warning before password expires : 7
As we see that lines provides password must be changed message.