Password is a key or a Secret word or a string of characters which is used to protect your assets or information from others in the cyber world. It is used for authentication, to prove our identity or to gain access to our own resources. It should be kept secret to prevent access by unauthorized users.
There are so many techniques are available through which bad guys so called hackers or crackers can crack your password by means of:
- Bruteforce Attacks
- Shoulder Surfing (Social Engineering)
- Dictionary Attacks
In this article, we’ll demonstrate that how you can change the password forcefully by next login attempt by user in Linux OS.
To do this, there are basically two ways:
- With Passwd Command
- With Chage Command
With Passwd Command –
Before to do, let’s create a new user account with the help of useradd command of name “tom” whose current password is also tom.
Command: useradd -c “Sr. Editor at Yeahhub.com” tom && passwd tom
Next run the following command which will expire the password of tom user so that the tom user will have to change his password forcefully during the next login attempt.
Command: passwd -e tom
On other Terminal, we’re trying to login as tom user and you can see that, it’s asking to set the new password immediately.
With chage Command –
The same can also be done with chage command which stands for Change Age. Before to do, let’s create another user of name alex whose password is alex as shown below:
Command: useradd -c “Jr. Editor at Yeahhub.com” alex && passwd alex
Next run the following command where you need to set the user’s date of last password value to 0 as shown below:
Command: chage -d 0 alex
And try to login with alex user in new terminal which asks you to set the new password immediately as shown below:
Things to be remembered while creating Strong Passwords
- Use at least 8 characters or more to create a password. The more number of characters we use, the more secure is our password.
- Use various combinations of characters while creating a password. For example, create a password consisting of a combination of lowercase, uppercase, numbers and special characters etc..
- Avoid using the words from dictionary. They can be cracked easily.
- Create a password such that it can be remembered. This avoids the need to write passwords somewhere, which is not advisable.
- A password must be difficult to guess.
- Change the password frequently at least 2 weeks once
Guidelines for maintaining a good password
- Change the password once in two weeks or when you suspect someone knows the password
- Do not use a password that was used earlier
- Be careful while entering a password when someone is sitting beside you.
- Store the passwords on computer with the help of an encryption utility.
- Do not use the name of things located around you as passwords for your account.