How to Change Passwords and Understand Password Policies in Linux

Changing your password in Linux is a simple task — but behind the scenes, there are a few important rules and systems making sure your passwords stay strong and secure.
In this blog post, we'll walk through how to change passwords, what happens when you pick a weak one, and where Linux keeps its password policies.
Let’s dive in!
Changing Your Own Password
If you want to update your own password, the process couldn't be easier.
Just open your terminal and run:
$ passwd
When you do this, Linux will:
Ask you to enter your current password.
Then prompt you to type in your new password.
Finally, it will ask you to retype the new password to confirm.
That’s it! Quick and secure.
Changing Another User's Password
If you’re logged in as root or have sudo privileges, you can also reset passwords for other users.
Use this command:
$ sudo passwd username
Just replace username with the actual username of the person you’re updating the password for.
You'll be prompted to enter the new password for them — no need to know their old one.
This is super handy for system administrators who need to reset forgotten passwords.
Why Linux Complains About "Bad Passwords"
These days, Linux systems are very strict about password strength.
If you try setting a simple password like 12345678, you’ll get an error like this:
utsav@utsav:~$ passwd
Changing password for utsav.
Current password:
BAD PASSWORD: The password fails the dictionary check - it is too simplistic/systematic
This happens because Linux is protecting you — it doesn’t want anyone guessing your password easily.
Most Linux systems expect your password to:
Be at least 8 characters long,
Include a mix of uppercase letters, lowercase letters, numbers, and special characters,
Avoid simple or dictionary-based words.
Strong passwords are your first line of defense against unauthorized access!
Where Linux Password Rules Are Set
You might be wondering: where are all these password rules coming from?
Linux uses a few important configuration files to control password policies:
| File | Purpose |
| --- | --- |
| /etc/login.defs | Sets basic password behavior like minimum length and expiration policies. |
| /etc/pam.d/common-password | Applies password complexity requirements using PAM (Pluggable Authentication Modules). |
| /etc/security/pwquality.conf | Allows detailed control over password strength requirements. |
Each of these files plays a role in making sure users pick strong, secure passwords.
Customizing Password Policies
If you're a system administrator, you might want to tighten (or loosen) your system’s password rules.
You can do this by editing the /etc/security/pwquality.conf file.
Here's an example of what you might see inside:
minlen = 8
minclass = 3
maxrepeat = 2
What these settings mean:
minlen = 8: Passwords must be at least 8 characters long.
minclass = 3: Passwords must contain characters from at least three different classes (like uppercase, lowercase, digits, symbols).
maxrepeat = 2: No more than two of the same character in a row.
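To make the three settings concrete, here is an added example (not part of the original post and not libpwquality's own code) that parses text in pwquality.conf syntax and reports which of the three rules a candidate password breaks. It is a simplified model: the dictionary check and the credit options are not reproduced, and the sample file contents and function names are constructed for illustration.

```python
import re

# Constructed sample in /etc/security/pwquality.conf syntax (values from the post).
SAMPLE_CONF = """\
# password quality settings
minlen = 8
minclass = 3
# maxrepeat: longest allowed run of one character
maxrepeat = 2
"""

def parse_pwquality(text):
    """Return {setting: int} from 'key = value' lines, skipping comments and blanks."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if value.lstrip("-").isdigit():
            settings[key] = int(value)
    return settings

def count_classes(password):
    """Count which of the four classes (lower, upper, digit, other) are present."""
    tests = (str.islower, str.isupper, str.isdigit, lambda c: not c.isalnum())
    return sum(any(t(c) for c in password) for t in tests)

def longest_run(password):
    """Length of the longest run of one repeated character."""
    return max((len(m.group(0)) for m in re.finditer(r"(.)\1*", password)), default=0)

def violations(password, settings):
    """List the rules the password breaks; 0 or a missing key disables a rule."""
    found = []
    if len(password) < settings.get("minlen", 0):
        found.append("minlen")
    if count_classes(password) < settings.get("minclass", 0):
        found.append("minclass")
    maxrepeat = settings.get("maxrepeat", 0)
    if maxrepeat > 0 and longest_run(password) > maxrepeat:
        found.append("maxrepeat")
    return found

if __name__ == "__main__":
    policy = parse_pwquality(SAMPLE_CONF)
    for candidate in ("12345678", "Passw0rd", "Baaad-Pw1", "Tr1cky-Horse"):
        print(f"{candidate!r}: {violations(candidate, policy) or 'ok'}")
```

A password that passes these three rules can still be rejected by the separate dictionary check that produced the BAD PASSWORD message shown earlier.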
To edit the file, you can use:
$ sudo nano /etc/security/pwquality.conf
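Make your changes and save the file. No service restart is needed: pam_pwquality reads the file each time a password is changed, so your new policies are enforced immediately, starting with the next password change. Passwords that are already set are not re-checked, and by default root only sees a warning when setting a password that fails the checks unless the enforce_for_root option is enabled.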
Final Thoughts
Keeping your passwords strong on Linux isn’t just a good habit — it’s one of the best ways to keep your system safe.
A tough, complex password (plus a few smart rules) can protect you from hackers, mistakes, and all kinds of trouble.
The more you know about how Linux handles password changes and security, the better (and more confident) you’ll be — whether you're just using your system or running the whole show.
So next time you’re picking a new password, take a few extra seconds to make it strong. It’s a small thing that makes a huge difference!
Written by Utsav Lamichhane
