Practical UNIX & Internet Security

Chapter 3: Users and Passwords

3.4 Changing Your Password

You can change your password with the UNIX passwd command. passwd first asks you to type your old password, then asks for a new one. By asking you to type your old password first, passwd prevents somebody from walking up to a terminal that you left yourself logged into and then changing your password without your knowledge.

UNIX makes you type the password twice when you change it:

% passwd
Changing password for sarah.
Old password: tuna4fis
New password: nosmis32
Retype new password: nosmis32

If the two passwords you type don't match, your password remains unchanged. This is a safety precaution: if you made a mistake typing the new password and UNIX only asked you once, then your password could be changed to some new value and you would have no way of knowing that value.
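The two checks described above, sketched in Python as an added example (this is not the passwd source and not code from the book). PBKDF2 stands in for the system's password hashing, and the names `change_password`, `scripted` and `demo` are hypothetical; the passwords in `demo` are the ones from the session above, replayed as constructed input.

```python
import hashlib
import hmac
import os
from getpass import getpass


def hash_password(password, salt):
    # Assumption: PBKDF2 stands in for whatever hash the system really uses.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def change_password(record, prompt=getpass):
    """Return (record, status); record is a (salt, digest) tuple.

    The stored record is replaced only when the old password verifies
    and both entries of the new password agree.
    """
    salt, digest = record
    old = prompt("Old password: ")
    # Check the old password first, so that an unattended logged-in
    # terminal is not enough to change the password.
    if not hmac.compare_digest(hash_password(old, salt), digest):
        return record, "sorry"
    new = prompt("New password: ")
    again = prompt("Retype new password: ")
    # Input is not echoed, so a typo would go unnoticed without the retype.
    if new != again:
        return record, "mismatch"
    new_salt = os.urandom(16)
    return (new_salt, hash_password(new, new_salt)), "changed"


def scripted(answers):
    """Prompt function that replays constructed answers instead of reading a tty."""
    it = iter(answers)
    return lambda _prompt: next(it)


def demo():
    salt = os.urandom(16)
    record = (salt, hash_password("tuna4fis", salt))
    results = []
    for answers in (["wrong"], ["tuna4fis", "nosmis32", "nosmis23"],
                    ["tuna4fis", "nosmis32", "nosmis32"]):
        after, status = change_password(record, scripted(answers))
        results.append((status, after is record))  # True: record untouched
    return results


if __name__ == "__main__":
    print(demo())
```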

NOTE: On systems that use Sun Microsystems' NIS or NIS+, you may need to use the command yppasswd or nispasswd to change your password. Except for having different names, these commands work the same way as passwd. However, when they run, they update your password in the network database with NIS or NIS+. When this happens, your password will be immediately available on other clients on the network. With NIS, your password will be distributed during the next regular update.

Even though passwords are not echoed as you type them, the BACKSPACE or DELETE key (or whatever key you have bound to the "erase" function) will still delete the last character typed, so if you make a mistake, you can correct it.

After you have changed your password, your old password is no good. Do not forget your new password! If you forget your new password, you will need to have the system administrator set it to something you can use to log in and try again.

If your system administrator gives you a new password, immediately change it to something else that only you know! Otherwise, if your system administrator is in the habit of setting the same password for forgetful users, your account may be compromised by someone else who has had a temporary lapse of memory; see the following sidebar for an example.

NOTE: If you get email from your system manager, advising you that there are system problems and that you should immediately change your password to "tunafish" (or some other value), disregard the message and report it to your system management. These kinds of email messages are frequently sent by computer crackers to novice users. The hope is that the novice user will comply with the request and change his password to the one that is suggested - often with devastating results.
