PASSWD(1) RISC/os Reference Manual PASSWD(1)
NAME
passwd - change login password and password attributes
SYNOPSIS
passwd [ name ]
passwd [ -l | -d ] [ -f ] [ -n min ] [ -x max ] [ -w warn ]
name
passwd -s [ -a ]
passwd -s [ name ]
DESCRIPTION
The passwd command changes the password or lists password
attributes associated with the user's login name. Addition-
ally, superusers may use passwd to install or change pass-
words and attributes associated with any login name.
When used to change a password, passwd prompts ordinary
users for their old password, if any. It then prompts for
the new password twice. When the old password is entered,
passwd checks to see if it has aged sufficiently. If aging
is insufficient, passwd terminates; see shadow(4).
Assuming aging is sufficient, a check is made to ensure that
the new password meets construction requirements. When the
new password is entered a second time, the two copies of the
new password are compared. If the two copies are not ident-
ical the cycle of prompting for the new password is repeated
for at most two more times.
Passwords must be constructed to meet the following require-
ments:
Each password must have at least six characters. Only
the first eight characters are significant. PASSLEN is
found in /etc/default/passwd and is set to 6.
Each password must contain at least two alphabetic
characters and at least one numeric or special charac-
ter. In this case, alphabetic refers to all upper or
lower case letters.
Each password must differ from the user's login name
and any reverse or circular shift of that login name.
For comparison purposes, an upper case letter and its
corresponding lower case letter are equivalent.
New passwords must differ from the old by at least
three characters. For comparison purposes, an upper
case letter and its corresponding lower case letter are
Printed 11/19/92 Page 1
PASSWD(1) RISC/os Reference Manual PASSWD(1)
equivalent.
Superusers (e.g., real and effective user ID equal to zero,
see id(1M) and su(1M)) may change any password; hence,
passwd does not prompt superusers for the old password.
superusers are not forced to comply with password aging and
password construction requirements. A superuser can create
a null password by entering a carriage return in response to
the prompt for a new password. (This differs from passwd -d
because the "password" prompt will still be displayed.)
Any user may use the s option to show password attributes
for his or her own login name.
The format of the display will be:
name status mm/dd/yy min max warn
or, if password aging information is not present,
name status
where
name The login ID of the user.
status The password status of name: PS stands for pass-
worded or locked, LK stands for locked, and NP
stands for no password.
mm/dd/yy The date password was last changed for name.
(Note that all password aging dates are deter-
mined using Greenwich Mean Time and, therefore,
may differ by as much as a day in other time
zones.)
min The minimum number of days required between
password changes for name. MINWEEKS is found in
/etc/default/passwd and is set to NULL.
max The maximum number of days the password is valid
for name. MAXWEEKS is found in
/etc/default/passwd and is set to NULL.
warn The number of days relative to max before the
password expires that the name will be warned.
Only a superuser can use the following options:
a Show password attributes for all entries. Use
only with s option; name must not be provided.
Page 2 Printed 11/19/92
PASSWD(1) RISC/os Reference Manual PASSWD(1)
d Deletes password for name. The login name will
not be prompted for password.
f Force the user to change password at the next
login by expiring the password for name.
l Locks password entry for name.
n Set minimum field for name. The min field con-
tains the minimum number of days between password
changes for name. If min is greater than max, the
user may not change the password. Always use this
option with the x option, unless max is set to -1
(aging turned off). In that case, min need not be
set.
s Show password attributes to the user for his or
her own login name.
w Set warn field for name. The warn field contains
the number of days before the password expires
that the user will be warned.
x Set maximum field for name. The max field con-
tains the number of days that the password is
valid for name. The aging for name will be turned
off immediately if max is set to -1. If it is set
to 0, then the user is forced to change the pass-
word at the next login session and aging is turned
off.
FILES
/etc/shadow, /etc/passwd, /etc/oshadow
SEE ALSO
login(1).
crypt(3C), passwd(4), shadow(4) in the Programmer's Refer-
ence Manual.
useradd(1M), usermod(1M), userdel(1M), id(1M), passmgmt(1M),
pwconv(1M), su(1M), in the System Administrator's Reference
Manual.
DIAGNOSTICS
The passwd command exits with one of the following values:
0 SUCCESS.
1 Permission denied.
2 Invalid combination of options.
3 Unexpected failure. Password file unchanged.
Printed 11/19/92 Page 3
PASSWD(1) RISC/os Reference Manual PASSWD(1)
4 Unexpected failure. Password file(s) missing.
5 Password file(s) busy. Try again later.
6 Invalid argument to option.
Page 4 Printed 11/19/92