Skip to content
Menu
Mujahidtricks
  • Home
  • CONTACT US
  • ABOUT US
  • Terms and Conditions
  • Disclaimer
  • COOKIES POLICY
  • Privacy Policy
Mujahidtricks

Find user accounts with blank password in Linux

Posted on April 8, 2022 by admin

The worst kind of password is not a weak password, but no password at all. As a system administrator, you must ensure that each user account has a strong password. This short tutorial explains how to find user accounts with an empty password in Linux.

Before we get into the subject, let’s briefly summarize the shadow file and its purpose.

What is a shadow password file?

In RHEL systems, the user passwords are hashed and stored in a secure file called /etc/shadow† The shadow password file contains the user authentication and password aging details of the user accounts.

The shadow password file is owned by the root user and is only readable by the super users. You can verify ownership and permission of the shadow file with the following command:

# ls -l /etc/shadow
---------- 1 root root 618 Apr  7 07:52 /etc/shadow

The typical structure of an example row of the shadow file is given below.

user1:$6$5ps/XV21$EFmQ463GJZnsdF/:19089:0:99999:7:::

As you may already know, the shadow file has nine fields separated by a colon.

Let’s take a look at each field.

  • Archived 1 (Login Name) – This contains the login name (user1) as shown in the passwd File.
  • Filed 2 (encrypted password) – This file contains a hashed (encrypted) password of the user. If there is a single exclamation mark (!) at the beginning of this file, it means that the user account is locked. If this field is empty, the user does not have a password.
  • Archived 3 (Last change) – This field shows the number of days since the Unix era (ie Unix time – January 01, 1970 00:00:00 UTC) when the password was last changed. If this field contains 0, the user will be forced to change their password at the next login.
  • Archived 4 (minimum) – This field shows the minimum number of days (mindays) that must pass before the user is allowed to change his password. You can change this archived value with chage command with -m option.
  • Field 5 (maximum) – Shows the maximum number of days (maxdays) of password validity before the user password expires. If the file is 0, it means that this feature is disabled. The value of this field can be changed with chage command with -M option.
  • Archived 6 (Warning) – Indicates the number of days (warning days) for which the user will be warned to change their password before it expires. You can change this value with chage command with -W option or the passwd command with -w option.
  • Field 7 (Password Expired) – Defines the maximum allowed number of days that the user can log in with the expired password. This can be changed with chage command with -I flag of passwd command with -i flag.
  • Field 8 (account expiration) – Defines the number of days since the UNIX time when the user account expires and is no longer available. You can change the value of this field with chage command with -E option.
  • Field 9 (Reserved) – This field is reserved for future use.

As mentioned above, the encrypted passwords are stored in the second field of each entry in the shadow password file, just after the username.

So if the second field in the shadow file is empty, the user has no password. Allow me to show you an example to find all passwordless user accounts.

Find all user accounts without password in Linux

To detect all local user accounts without password, just run the following command as: root user:

# awk -F: '$2 == "" { print $1, "has empty password!. Please set a strong password ASAP!!" }' /etc/shadow

Sample output:

ostechnix has empty password!. Please set a strong password ASAP!!

You can also use getent command combined with grep and cut commands to identify passwordless local user accounts in Linux.

# getent shadow | grep -Po '^[^:]*(?=::)'

Or,

# getent shadow | grep '^[^:]*::' | cut -d: -f1

All the above commands will only list the local user accounts that have empty passwords. To display both the system accounts and the user accounts with an empty password, run .

# getent shadow | grep -Po '^[^:]*(?=:.?:)'

Or,

# getent shadow | grep '^[^:]*:.?:' | cut -d: -f1

Find user accounts with an empty password

Find a specific passwordless user account

The above commands list all local and system accounts without password. You can also check the password status of a specific user account with passwd command with -S flag.

# passwd -S ostechnix

Sample output:

ostechnix NP 2022-04-07 0 99999 7 -1 (Empty password.)

The passwd commands indicate the password status of the specified user account. The possible values ​​are:

  • LK – The user account is locked.
  • NP – The user account has no password.
  • PS – The user account has a usable password.

Setting User Password in Linux

You can login with a user without a password, but this is not recommended! You must set a strong password with at least 8 characters, including uppercase, lowercase, a special character, and a number.

To set the password for a user account in Linux, use passwd command if root user as below.

As root user:

# passwd ostechnix

Replace ostechnix with your own username.

Now check the password status of the user account with passwd assignment:

# passwd -S ostechnix

Sample output:

ostechnix PS 2022-04-07 0 99999 7 -1 (Password set, SHA512 crypt.)
Set password for user in Linux
Set password for user in Linux

Locking User Accounts in Linux

Sometimes you just want to lock the user accounts with blank passwords. If yes, first find the users with empty passwords as described above and lock them with passwd command with -l mark as root user as below.

# passwd -l ostechnix

Sample output:

Locking password for user ostechnix.
passwd: Success

Now check the user account status:

# passwd -S ostechnix

Sample output:

ostechnix LK 2022-04-07 0 99999 7 -1 (Password locked.)

See? The user is locked. He can no longer log into the system.

You can also use the usermod command with -L (capital L) flag to lock a user.

# usermod -L ostechnix

Unlock User Accounts in Linux

Use either to unlock the passwordless users in Linux: passwd command or usermod command with -p if root user.

# passwd ostechnix

Enter the password twice to unlock the password.

Unlocking users with an empty password is not possible, you must set a password with: usermod -p to unlock this user’s password.

# usermod -p <password-here> ostechnix

Conclusion

In this tutorial, we explained what the Shadow password file is and the purpose of this file in Linux. Next, we talked about different commands to find all user accounts that don’t have password in Linux. Finally, we learned how to set a password for a user and also how to lock and unlock the users in Linux.

Linux User Management

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

  • Ansible
  • Computer
  • Linux User Management
  • Microsoft
  • Microsoft Surface
  • PHP MySQL
  • Reviews
  • Technology
  • Trending
  • Uncategorized
  • Windows 10 PC
  • Windows 11
  • XAMPP

Pages

  • ABOUT US
  • CONTACT US
  • COOKIES POLICY
  • Disclaimer
  • HOME
  • Privacy Policy
  • Terms and Conditions

Recent Posts

  • IDrive e2 cloud storage review
  • Microsoft files a patent for a phone that can be folded in two directions
  • Autel Evo Nano+ review | TechRadar
  • Microsoft: Windows 11 has the highest quality scores, promises more features
  • The collaboration between Xiaomi and Leica is official; they are launching their first phone in july
©2022 Mujahidtricks | Powered by WordPress & Superb Themes