How can you force user to change their password upon first login in Red Hat, CantOS, Fedora or apt based distributions such as Ubuntu?
You can use following tools to modify a linux users properties:
- [usermod] command accept various parameters to change the user account parameters.
- [chage] command is another alternate option to setup account lockouts, password expiries etc.
Doing a quick help on “chage” command you will see few options as shown below. These options determines the password aging parameters which can force users to change their passwords upon first login
[root@rh1t ~]# chage -l Usage: chage [options] LOGIN Options: -d, --lastday LAST_DAY set date of last password change to LAST_DAY -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE -h, --help display this help message and exit -I, --inactive INACTIVE set password inactive after expiration to INACTIVE -l, --list show account aging information -m, --mindays MIN_DAYS set minimum number of days before password change to MIN_DAYS -M, --maxdays MAX_DAYS set maximim number of days before password change to MAX_DAYS -R, --root CHROOT_DIR directory to chroot into -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS
Force Users To Change Their Password Upon First Login
[root@rh1t ~]# chage -d 0 test
Above command will force users to change their password upon first login i.e. User was able to authenticate with valid username and password at least once.
Further Reading“man” pages are always our best friends to learn more about command and its parameters. Feel free to do a
man chageto unleash the power of chage command.