How to reset a forgotten login password in Linux

If you cannot log in to the Linux system because you forgot your user account password, it is possible to solve the problem! Although this password cannot be recovered (by simple methods), but it can be reset and replaced with a new one, this guide will tell you what to do if forgot the user’s password in Linux.

How to change a Linux user password

Any users from the group of administrators (whose account is in the group wheel) can change the password for any other user, both for unprivileged accounts, and for other administrators, including root. Therefore, if you forgot the root password, but remember the password of the user who has the right to execute commands with sudo, then the password can be restored with the passwd command. To change the root password, run:

sudo passwd

To change the password of any user:

sudo passwd username

Where instead of username you need to substitute the name of the Linux user account.

What to do if forgot Linux login password

If you do not have other administrative accounts and if you forgot the Linux account password, you cannot enter the operating system, then to reset the password we need a single-user mode.

In single-user mode, credentials are not asked (login, password), while the logged user has superuser permissions. In this mode, using the familiar passwd command, it is possible to set a new password.

The algorithm in all Linux distributions is similar:

1. Interrupting the GRUB boot loader
2. Add the boot option that enable single-user mode
3. Resume booting
4. Change password with passwd command
5. Restart in normal mode

Note that the changes made in the second step (changing the download options) are temporary - they affect only one subsequent booting. Therefore, when you reboot at the fifth step, you do not need to do anything - the system will operate in normal mode.

To move to the end of the line and to the beginning of the line (in the second step), use the keyboard shortcuts Ctrl+a and Ctrl+e.

Although the root password reset algorithm is similar, but there may be some nuances in different distributions, let us take a closer look at them.

Note for UEFI: If you use UEFI instead of GRUB, then also see this article, it tells you how to change kernel boot parameters in this case.

By the way: if you want to protect the system from changing the password as described in this article, see the article “How to protect GRUB bootloader with password”.

Resetting the password in Linux Mint, Ubuntu, Debian, Kali Linux (should also work for other Debian derivatives)

To interrupt the loading of GRUB (the first step) during startup of the computer, press and hold the SHIFT key - it works always, even on Linux Mint, where by default the GRUB menu display is disabled.

Stop the booting by holding the SHIFT key while starting the computer, you will see:

Press the "e" key and you will proceed to edit the boot settings:

On the screen there is no necessary line for us, swipe the cursor keys down and find the line starting with linux:

Go to the end of this line, type a space and add:

single init=/bin/bash

It should look something like this (the kernel number may differ):

When everything is ready, press Ctrl+x or F10 to continue booting with the set options.

You will see a shell prompt, also note that we are logged in as root, i.e. we have superuser privileges, including the use of the passwd command:

With the passwd command we change the password, as you can see, the passwd command failed:

passwd: Authentication token manipulation error
passwd: password unchanged

To understand the cause of the error, enter the command:

mount

The letters ro indicate that the file system is mounted read-only and for this reason the made changes cannot be saved. Let us remount the file system:

mount -rw -o remount /

As you can see, after that the password change was successful:

To exit, type:

sync
umount /

To turn off your computer run:

poweroff -f

Or restart your computer with the command:

reboot -f

How to reset the password in Arch Linux, BlackArch (and also in other Arch Linux derivatives)

When the GRUB menu appears, press the "a" key to stop the booting:

Then press "e" to edit the boot parameters:

On the screen there is no interesting line for us, swipe the cursor keys down and find the line starting with linux.

Go to the end of this line, type a space and add:

single init=/bin/bash

It should look something like this:

When everything is ready, press Ctrl+x or F10 to continue booting with the set options.

In Arch Linux, the file system is mounted with write permissions by default. Therefore, you can immediately change the password using the command

passwd

To exit, type:

sync
umount /

To turn off your computer run:

poweroff -f

Or restart your computer with the command:

reboot -f

Reset your password in RHEL/CentOS 7

In addition to having to mount a file system for save changes, RHEL/CentOS 7 also has a nuance related to the presence of SELinux.

When the GRUB menu appears, press the "a" key to stop the booting:

Then press "e" to edit the boot parameters:

On the screen is missing the line we need, swipe the cursor keys down and find the line starting with linux16:

Find the part of the string

rhgb quiet

and replace with

init=/bin/bash

It should look something like this:

When everything is ready, press Ctrl+x or F10 to continue booting with the set options.

Let us check write permissions:

mount | grep root

As you can see, there are no write permissions. We will remount the file system with write permissions:

mount -rw -o remount /

Change Password

passwd

The password has been changed, but it is not over yet. We need to relabel the SELinux context. If we do not relabel the whole SELinux context, we will not be able to use the new password. To do that:

touch /.autorelabel

To exit, type:

sync
umount /

To turn off your computer run:

poweroff -f

Or restart your computer with the command:

reboot -f

In GRUB 2 one cannot change the password in single user mode?

In Red Hat official documentation, I found the statement that GRUB 2 no longer performs password reset in single-user mode, as it was in GRUB. And now for the operation in single-user mode, as well as in emergency mode, the root password is required. Perhaps this applies only to the latest versions of Red Hat Enterprise Linux, because, as you can see from this instruction and screenshots, in GRUB 2 you can change the password in single-user mode. The documentation describes two ways to reset the root password in Red Hat Enterprise Linux in case the described here method does not work.