passwd is a basic Unix command that changes user's password and lets you manage other aspects of password and account: lock account, delete password and report password status.
Change your own user password with passwd
If you just type passwd, the command will assume that you want to change your own password. Just to be on the safe side, it will prompt you for your current password. If you don't provide the correct password, the command will fail without allowing new password to be configured. This means if you accidentally forget to lock your workstation and leave a terminal session open, nobody will be able to change your password (becasue they don't know your current password):
[email protected]:~ $ passwd Changing password for user greys. Changing password for greys. (current) UNIX password: New password: Retype new password: passwd: all authentication tokens updated successfully.
Change any user password with passwd
If you know root password or have sudo privilege, it's possible to change Unix password for any user in the system.
To demonstrate it better: regular (non-root) user is not allowed to specify username for the passwd command (even their own one):
[email protected]:~ $ passwd techstack passwd: Only root can specify a user name.
But with sudo privilege, it works just fine:
[email protected]:~ $ sudo passwd techstack Changing password for user prometheus. New password: Retype new password: passwd: all authentication tokens updated successfully.
Confirm password status with passwd
[email protected]:~ $ sudo passwd -S techstack techstack PS 2018-01-19 0 99999 7 -1 (Password set, MD5 crypt.)
Among other things, it shows the date of last password change for the techstack user: 2018-01-19.
and this is what happens after I changed password (using commands above):
[email protected]:~ $ sudo passwd -S techstack techstack PS 2019-04-23 0 99999 7 -1 (Password set, MD5 crypt.)
Note how the date changed to 2019-04-23.