Server Controls
      Back to home
      1. Help Center
      2. How-to Guides
      3. Server Controls

      How to change a user password on a Linux server

      While working on a Linux server, you may need to change the password for a user, including the root user. This guide will provide step-by-step instructions on how to achieve that.

      Key Points to Consider:

      • This guide is applicable to any user on the server, not just the root account.
      • Ensure you have root access or sudo privileges to change the password.

      Step-by-step instructions

      Step 1: Log in to your server

      1. Access your server using SSH from your terminal. Use the command below to connect: 
        $ ssh your_username@your_server_ip
        • Replace your_username with your actual username.
        • Replace your_server_ip with the server's IP address.

      Step 2: Verify Root or Sudo privileges

      1. Ensure you have root privileges by using the following command: 
        $ sudo -i

      Step 3: Change the user password

      1. Run the passwd command to change the password for a specific user. Replace username with the target user: 
        $ sudo passwd username
        • Enter the new password twice when prompted (see Fig. 1).

        Fig. 1. Terminal prompt to enter and confirm the new password.

      Step 4: Verify password change

      1. After successfully updating the password, you should see a confirmation message (see Fig. 2): 
        passwd: password updated successfully / passwd: all authentication tokens updated successfully

        Fig. 2. Output confirming that all authentication tokens have been successfully updated.

      Quick tip: Generate secure passwords using pwgen

      pwgen is a handy utility to generate strong, random passwords on Linux. Here are some useful options you can use with pwgen to create highly secure passwords:

      Step 1: Install pwgen

      If pwgen is not already installed, you can install it with:

      $ sudo apt install pwgen

      Step 2: Use pwgen to generate passwords

      Here are some common options you can use with pwgen to enhance password security:

      • Basic password generation: 
        $ pwgen 16 1
        This generates a 16-character password. You can adjust the number 16 for a different length, and 1 specifies how many passwords to generate.
      • Secure passwords (with -s): 
        $ pwgen -s 16 1
        This forces the password to be more random and secure, ideal for critical accounts.
      • Include symbols (with -y): 
        $ pwgen -sy 16 1
        This creates a secure password of 16 characters with symbols included.
      • Avoid ambiguous characters (with -B): 
        $ pwgen -B 16 1
        This generates passwords that avoids characters that could be mistaken for each other (like O and 0).
      • Force numeric digits in the password (with -n): 
        $ pwgen -n 16 1
        This ensures numeric digits are included.

      Summary of common pwgen options:

      • -s: Stronger, more random passwords.
      • -y: Include symbols in the password.
      • -B: Avoid ambiguous characters.
      • -n: Ensure the password includes numeric digits.

      Summary

      In this guide, we outlined how to change the password for any user on a Linux server using the passwd command. Additionally, we explored using the pwgen utility to generate secure passwords, along with several useful options (-s, -y, -B, -n) to customize the complexity and security of your passwords.

      Using these steps and tips will help ensure your server is secured with strong and unique passwords for each user.