Question: I run a Linux server shared by many people. I just use the default password to create a new user, but I would like the user to change the password the first time you log on. Is there any way to make him / her password at next logon modify it?
In a multi-user Linux environment, the standard practice is to use a default random password to create a user account. After a successful login, new user change the default password. For security reasons, often recommended "force" a user to change the password the first time you log in to ensure that the single-use password will not be used again.
Here is how to force the user to modify his / her password at the next login.
Each Linux user associated with this different passwords and related configuration information. For example, a record of the date of the last password change, the number of days the minimum / maximum change the password, the password expires when the like.
Called chage command-line tool to access and adjust the password expiration configuration. You can use this tool to force the user to change the password at the next logon,
To view a specific user expiration information (for example: alice), run the following command. Note that except yourself view any other user's password information needs root privileges.
$ Sudo chage -l alice
Force users to change password
If you want to force the user to modify his / her password, use the following command.
$ Sudo chage -d0 < user-name >
Originally "-d" parameter is used to set the password "age" (that is, the number of days played last modified password 1970/1/1 played). Thus "-d0" means the last modified time is 1970/1/1 password, which allows the current password has expired, when he was also forced to make changes at the next logon password.
Another current password expires way is to use the passwd command.
$ Sudopasswd-e < user-name >
The above command and "chage -d0" role, getting the current user's password expires immediately.
Now check the user's information, you will find:
When you log in again, you will be asked to change the password. You will be asked to modify before once again verify the current password.
To set up a more comprehensive password policies (such as password complexity, prevent re-use), you can use PAM. See this article for more details.