Practical UNIX & Internet Security

Chapter 3: Users and Passwords

3.5 Verifying Your New Password

After you have changed your password, try logging into your account with the new password to make sure that you've entered the new password properly. Ideally, you should do this without logging out, so you will have some recourse if you did not change your password properly. This is especially crucial if you are logged in as root and you have just changed the root password.

One way to try out your new password is to use the su command. Normally, the su command is used to switch to another account. But as the command requires that you type the password of the account to which you are switching, you can effectively use the su command to test the password of your own account.

% su nosmis
password: mypassword

(Of course, instead of typing nosmis and mypassword, use your own account name and password.)

If you're using a machine that is on a network, you can use the telnet or rlogin programs to loop back through the network and log in a second time by typing:

% telnet localhost 
Connected to localhost 
Escape character is '^]'   

artemis login: dawn 
password: techtalk 
Last login: Sun Feb 3 11:48:45 on ttyb 

You may need to replace localhost in the above example with the name of your computer.

If you try one of the earlier methods and discover that your password is not what you thought it was, you have a definite problem. To change the password to something you do know, you will need the current password. However, you don't know that password! You will need the help of the superuser to fix the situation. (That's why you shouldn't log out: if the time is 2 a.m. on Saturday, you might not be able to reach the superuser until Monday morning, and you might want to get some work done before then.)

The superuser (user root) can't decode the password of any user. However, the superuser can help you when you don't know what you've set your password to by setting your password to something else. If you are running as the superuser, you can set the password of any user, including yourself, without supplying the old password. You do this by supplying the username to the passwd command when you invoke it:

# passwd cindy
New password: NewR-pas 
Retype new password: NewR-pas 
