How to Change User and Root Password in Ubuntu

In this guide, we’ll go beyond the simple “passwd” command. You’ll learn how to change user and root password in Ubuntu (either via the terminal or the GUI), enforce strong password policies with PAM, monitor failed logins, and even compare Ubuntu’s approach to password management with alternatives like Windows Server. In addition to step-by-step instructions, we also provide real-world experiences and practical tips to help you avoid common mistakes and keep your system secure at a realistic level.

Passwords are still one of the weakest links in the cybersecurity chain, and attackers are well aware of this, according to various security reports, Brute-force and the famous Dictionary attacks are still the most common methods of breaking into Linux servers, including Ubuntu, Although Ubuntu has really strong security mechanisms by default, but if users continue to use default or weak passwords, the entire system is at risk. That’s why changing the default password is not a simple everyday task, but a vital part of a multi-layered security strategy.

Change User and Root Password in Ubuntu Server

Whether you are a regular user or a system administrator, you may sometimes feel that your account is at risk and need to change your password. Learning this simple but crucial process can ensure your security.

How to Change the Password of the Current User on Ubuntu

To change the current user’s password:

passwd <username>

• First, enter your current password.
• Then set a new password and enter it again to confirm.

Note: The system will warn you if your password is too simple. It is best to use a combination of uppercase and lowercase letters, numbers, and symbols.

How to Change the Password for Another User on Ubuntu

If you want to change another user’s password, you must do so with root or sudo access.

1- Log in to the root account:

su –

passwd <username>

2- Use sudo:

sudo passwd <username>

In this case, enter the sudo password first, then you can set a new password for the other user.

Note: If sudo is not configured correctly, you may get a “Permission denied” error.

The desired output indicates that the new password has been updated successfully. Also, if you are not a root user and want to change the password of another user, you will see the notification in the following image:

How to Change Root User Password

To change the root user password:

1- Login as root:

su-

passwd <username>

or with sudo:

sudo passwd root

After entering the current password, you can set a new root password.

How To Change User Password via UI

If you prefer to do this with the graphical interface, enter the Settings section.

Now go to the Users tab from the left panel and click on the unlock button in the upper right corner, if you are changing the password of the current user, there is no need to unlock.

Currently, to change the password for any other account, you must unlock it:

Type the password in the corresponding box in the image below and click the Authenticate button:

Then, according to the picture, select the desired user account to change the password and click on the Password section in the Authentication and Login section:

Now the desired box to change the password below will open.

If you are changing the password for the current user, you must enter the current password, then enter the new password with the help of the image in the next field to confirm it and re-enter it. When done, press the Change button:

Security Tips & Special commands 

1- Setting Strong Password Policies with PAM

The ” /etc/pam.d/common-password/” file can also be configured to force the user to choose complex passwords, for example:

password required pam_pwquality.so retry=3 minlen=12 difok=4

This step ensures that the password is at least 12 characters long and also has at least 4 differences from the previous password.

2- Monitor failed login attempts

The following command shows the number of failed login attempts for each user:

faillog -u username

3- Quickly change passwords for multiple users 

If you have multiple accounts whose passwords need to be changed at the same exact time, you can try the following commands:

echo "user1:newpass1" | sudo chpasswd
echo "user2:newpass2" | sudo chpasswd

Real-world Experience and Practical Tips

When I first tried to change my user password in Ubuntu, I thought I would just run the famous “passwd” command, and that was it, but I found that if I chose a password that was too simple, the system would warn me and not even allow me to use it, here on one of the servers I managed, the security team had to block all access to prevent intrusion due to a simple password choice!! Since then, I have always used a password manager and also have saved a long and complex password for the root account, so this experience made me realize that it is not enough to just change the password, but also to choose a strong and managed password.

Comparison with alternatives

• On Windows servers, changing passwords is usually accompanied by complex policies, and if not followed, the account will be locked.
• In Ubuntu, you can also implement this level of security with tools like passwd, chage, and PAM settings.
• In Linux, you can easily disable root login and replace the old password with an SSH key, which is more secure than simply changing the password.

Conclusion

Changing your password in Ubuntu is not just a simple command; it is an important part of a security strategy, attackers are always looking for accounts with default or weak passwords, and if you just set a short password, you are actually leaving the door open for intrusion, By combining multiple layers of security, including choosing long, complex passwords, using PAM, monitoring failed logins, and replacing passwords with SSH keys, you can really increase the level of security of your system, so well, Practical experience are all showing that even a small carelessness in password selection or management can lead to a big disaster, Remember: a strong password is your first line of defense, but it is maintaining,  and managing it properly that ensures true, lasting security, if you follow these steps, your Ubuntu will be resistant to many common attacks and maintain the trust of your users and your organization.