I have a lot of users in my Linux servers. Security is important for me. I know that one of the important security measure is passwords. The length, complexity, change period etc. How can I force user to change password in first login? We will use
change command to force user change password in the first login.
Check Current Status
We will check current user password status with
chage command like below. We will provide the
-l option which will list current password policy and related information about given user name. We will list the user name
ismail password policy in this example.
$chage -l ismail
Last password changewill provide when the password is changed last time
Password Expireswill list when the password will expire
Account Expireswill list when the account will be expire
Maximum number of days between password changewill list gap between password change
Number of days of warning before password expireswill list when the warning to change password will be displayed before password change time.
Force User Password Change in The First Login
If we do not provide some time to the user for the password change we can force the user. In order to force the user we will use
-d option by providing the time for change password. We will provide 0 day which will force the user to change password.
$ chage -d ismail
- chage is the command used to change password policy
- -d 0 specifies password must change in 0 days which is first login
- test2 is our user the password policy will be applied
Check The Status Again
We will check if force password change implemented
$ chage -l ismail
Last password change : password must be changed
Password expires : password must be changed
Password inactive : password must be changed
Account expires : never
Minimum number of days between password change :
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7
As we see that lines provides password must be changed message.