How to Force User to Change Password at Next Login in Linux

In our last article, we’ve explained you how to change user password expiry information in Linux, where we looked at different examples of the chage command. In this article, we will elaborate on how to forcefully make a user to change his/her password at the next login in Linux.

Read Also: 3 Ways to Change a Users Default Shell in Linux

Note that if you have just created a user account with a default password, you can also use this trick to force that user to change their password upon the first login.

There are two possible ways to achieve this, as described in detail, below.

Using passwd Command

To force a user to change his/her password, first of all the password must have expired and to cause a user’s password to expire, you can use the passwd command, which is used to change a user’s password by specifying the -e or --expire switch along with username as shown.

# passwd --expire ravi

Next verify the user ravi’s password expiration and aging information with the chage command as shown.

# chage -l ravi
Check User Password Expiration Information
Check User Password Expiration Information

After running the passwd command above, you can see from the output of the chage command that the user’s password must be changed. Once the user ravi tries to login next time, he will be prompted to change his password before he can access a shell as shown in the following screen shot.

User Forced to Change Password
User Forced to Change Password

Using chage Command

Alternatively, you can use the chage command, with the -d or --lastday option which sets the number of days since January 1st, 1970 when the password was last changed.

Now to set the password expiry of user, run the following command by specifying the day to zero (0), means that the password has not been changed since the above date (i.e. January 1st, 1970), so the password has literally expired and needs to be changed immediately before the user can access the system again.

# chage --lastday 0 ravi
OR
# chage --lastday 1970-01-01 ravi

Next check the user ravi’s password expiration and aging information with the chage command using -l option as shown.

# chage -l ravi
Check Password Expiration Information
Check Password Expiration Information

Here are some additional user management guides for you.

  1. 11 Ways to Find User Account Info and Login Details in Linux
  2. How to Delete User Accounts with Home Directory in Linux
Conclusion

It is always recommended to remind users to change their account passwords regularly for security reasons. In this article, we have explained two ways to force users to change their password in the next login. You can ask any questions via the comment form below.

Hey TecMint readers,

Exciting news! Every month, our top blog commenters will have the chance to win fantastic rewards, like free Linux eBooks such as RHCE, RHCSA, LFCS, Learn Linux, and Awk, each worth $20!

Learn more about the contest and stand a chance to win by sharing your thoughts below!

Aaron Kili
Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge.

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)
Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.

8 Comments

Leave a Reply
  1. Hello Team,

    if there is a way to make the password set by system security admin or root role permanent so that no change is required at first login.

    Reply

Got Something to Say? Join the Discussion...

Thank you for taking the time to share your thoughts with us. We appreciate your decision to leave a comment and value your contribution to the discussion. It's important to note that we moderate all comments in accordance with our comment policy to ensure a respectful and constructive conversation.

Rest assured that your email address will remain private and will not be published or shared with anyone. We prioritize the privacy and security of our users.