passwd changes the password for a user account. Without arguments it changes your own; root can change any user's password.
passwd # change your own password
sudo passwd alice # change alice's password (root)
passwd -l alice # lock account (prepends ! to hash)
passwd -u alice # unlock
passwd -d alice # delete password (blank, risky)
passwd -e alice # force change at next login
The encrypted password hash lives in /etc/shadow, readable only by root. On modern Linux it is salted SHA-512 or yescrypt; the format is documented in man 5 shadow. Policies for complexity, age, and history are enforced via PAM modules like pam_pwquality.
Related terms: /etc/shadow, pam, sudo, useradd
Discussed in:
- Chapter 9: Users, Groups, and Permissions · Users and Authentication
