chpasswd command allows updating the passwords of multiple users one at a time or in bulk. Even though the passwd command is a go-to tool for changing individual Linux user passwords, the
chpasswd utility is helpful when multiple changes are necessary.
This tutorial will show you how to use the
chpasswd command in Linux with examples.
- A Linux system (this tutorial uses Ubuntu 22.04).
- Access to the terminal.
- Root or sudo privileges.
- A text editor of your choice (this tutorial uses Vim).
The basic syntax for the
chpasswd command is:
chpasswd works without any options, as long as the user provides usernames and passwords as shown in the syntax. Arguments are not mandatory, but they provide additional functionality.
Sysadmins use several options to adjust how
chpasswd works. The most common options are listed below:
|Encrypts passwords before storing in the password file.
|Validates the password before it is stored.
|Encrypts the password using the
|Specifies the password file location.
|Displays the encrypted password to standard output instead of modifying the password file.
|Specifies the method to be used for encrypting the password. Available methods include
|Specifies the prefix for the
crypt(3) algorithm, such as
Blowfish encryption algorithm for the password with a minimum value of 1000 and a maximum value of 999,999,999. This option only works with the
SHA512 crypt method.
|Displays the help message and exits.
The chpasswd command is the primary tool for bulk-managing passwords on Linux systems. Therefore, the utility is useful for setting up a new system or resetting hundreds of passwords. The following instructions provide practical examples of using the
chpasswd command updates passwords for current users. To add a new user, use the adduser command. Running
chpasswd for nonexistent users results in an error message.
Update Passwords from Standard Input
When used without any options,
chpasswd reads a list of user names and corresponding new passwords from standard input and updates the system's password database with the new values.
chpasswd in this way, follow these steps:
1. Run the
chpasswd command as sudo without any options:
2. Provide the list of current user names and new passwords to be updated. The syntax is:
For example, to update passwords for three existing users,
Note: Do not use common words as passwords. When that happens, the terminal prints an error: BAD PASSWORD: The password fails the dictionary check - it is based on a dictionary word.
3. Hit ctrl+d to confirm that the list is complete.
Update Passwords from a File
Another way to bulk-update passwords with
chpasswd is to create a file with current usernames and passwords to be updated. The command reads data from the file and not from the standard input.
To update passwords this way, follow these steps:
1. Create a file in Vim called mypasswords.txt with:
2. List the three usernames with new passwords in the document:
4. Verify the file contents with cat:
chpasswd by redirecting data from the mypasswords.txt file using
sudo chpasswd < mypasswords.txt
The command prints no output.
Use Different Encryption Methods when Updating Passwords
By default, the
chpasswd command uses the
Pluggable Authentication Modules (PAM) library to authenticate users and encrypt passwords. Alternative encryption methods like
SHA-512 exist, but are considered less secure.
To change the encryption method, use the argument
chpasswd. For instance, to change the encryption method from
NONE, follow these steps:
1. Execute the command with the appropriate arguments:
sudo chpasswd -c NONE
2. Input the username and password to update:
3. Hit ctrl + d to complete the entry.
Switch to MD5 Encryption
Use a predetermined argument as a shortcut to changing encryption. For instance, to switch to the MD5 algorithm, follow these steps:
1. Run the
-m argument with
sudo chpasswd -m
2. Provide username and password.
3. Hit ctrl + d to finish the entry.
After reading this tutorial, you know how to change passwords for multiple users at once using the
Next, learn how to reset or change the root password in Ubuntu.