1.\" $OpenBSD: passwd.1,v 1.48 2022/03/31 17:27:26 naddy Exp $ 2.\" 3.\" Copyright (c) 1990 The Regents of the University of California. 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. Neither the name of the University nor the names of its contributors 15.\" may be used to endorse or promote products derived from this software 16.\" without specific prior written permission. 17.\" 18.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 19.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 22.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28.\" SUCH DAMAGE. 29.\" 30.\" from: @(#)passwd.1 6.11 (Berkeley) 7/24/91 31.\" 32.Dd $Mdocdate: March 31 2022 $ 33.Dt PASSWD 1 34.Os 35.Sh NAME 36.Nm passwd 37.Nd modify a user's password 38.Sh SYNOPSIS 39.Nm passwd 40.Op Ar user 41.Sh DESCRIPTION 42.Nm 43changes the user's password. 44If no 45.Ar user 46is specified, the user's login name is used (see 47.Xr logname 1 ) . 48First, the user is prompted for their current password. 49If the current password is correctly typed, a new password is requested. 50The new password must be entered twice to avoid typing errors. 51.Pp 52The new password should be at least six characters long and not 53purely alphabetic. 54A mixture of both lower and uppercase letters, numbers, and 55meta-characters is encouraged. 56.Pp 57The quality of the password can be enforced by specifying an external 58checking program via the 59.Dq passwordcheck 60variable in 61.Xr login.conf 5 . 62.Pp 63The superuser is not required to provide a user's current password 64if only the local password is modified. 65.Pp 66Password encryption parameters depend on the configuration of the 67.Dq localcipher 68capability in 69.Xr login.conf 5 . 70If none is specified then blowfish is used, with the number of 71rounds selected based on system performance. 72.Sh FILES 73.Bl -tag -width /etc/master.passwd -compact 74.It Pa /etc/login.conf 75configuration options 76.It Pa /etc/master.passwd 77user database 78.It Pa /etc/passwd 79user database, with confidential information removed 80.It Pa /etc/passwd.XXXXXX 81temporary copy of the password file 82.It Pa /etc/ptmp 83lock file for the passwd database 84.El 85.Sh DIAGNOSTICS 86.Bl -diag 87.It "Attempting to lock password file, please wait or press ^C to abort" 88.Pp 89The password file is currently locked by another process; 90.Nm 91will keep trying to lock the password file until it succeeds or 92you hit the interrupt character (control-C by default). 93If 94.Nm 95is interrupted while trying to gain the lock, the password change will 96be lost. 97.Pp 98If the process holding the lock was prematurely terminated, the lock 99file may be stale and 100.Nm 101will wait forever trying to lock the password file. 102To determine whether a live process is actually holding the lock, the 103admin may run the following: 104.Bd -literal -offset indent 105$ fstat /etc/ptmp 106.Ed 107.Pp 108If no process is listed, it is safe to remove the 109.Pa /etc/ptmp 110file to clear the error. 111.El 112.Sh SEE ALSO 113.Xr chpass 1 , 114.Xr encrypt 1 , 115.Xr logname 1 , 116.Xr login.conf 5 , 117.Xr passwd 5 , 118.Xr pwd_mkdb 8 , 119.Xr vipw 8 120.Rs 121.%A Robert Morris 122.%A Ken Thompson 123.%T Password security: a case history 124.%J Communications of the ACM 125.%V Volume 22 126.%N Issue 11 127.%D Nov. 1979 128.%P pp. 594\(en597 129.Re 130.Sh HISTORY 131A 132.Nm 133command appeared in 134.At v3 . 135