Default passwords in Kali Linux

Let's consider what standard (default) credentials are in Kali Linux and how to change them.

Kali Linux user password

What is the password Kali Linux LIVE

When booting a LIVE image, login credentials are not required. Running commands with sudo also does not require passwords.

What is the default password in Kali Linux

When installing the system, you will be asked to create a user account – username and password for it. These credentials will later be used to log into the system.

See also How to install Kali Linux (step by step tutorial).

How to change your password in Kali Linux

To change your password, run the command:


enter the old password, and then two times the new password.

How to change password for another user in Kali Linux

To change the password for another user, run a command of the form:

sudo passwd <USER>

What is the root password in Kali Linux

By default, the root password is not set. To set root password in Kali, run the command:

sudo passwd root

After that, you can log in as the root user.

What to do if you forgot your Kali Linux password

Use the article “How to reset a forgotten login password in Linux”.

Default password Kali Linux in VMware and ARM images

In all official images, including VMware and ARM, the standard credentials are:

User: kali

Password: kali

Vagrant Image Password

Based on their policy:

Username: vagrant

Password: vagrant

Kali Linux Password in SSH

The SSH password is exactly the same as the password for the user on the system. Those. in standard images, the kali username and password. After installing the system or changing the user password, when connecting via SSH, use the password of your account in the system.

It is recommended to configure key authentication, see “How to enable SSH in Kali Linux. How to connect to Kali Linux via SSH” for details.

Default tool credentials

Some tools shipped with Kali will use their own default credentials (others will generate a new password the first time they are used). The following tools have default passwords:


Username: beef

Password: beef

Configuration file: /etc/beef-xss/config.yaml


User: root

Password: (blank)

To initially configure the program and set the root password, run the command:


If you have already set the MySQL password in Kali Linux, but forgot it, then in the first terminal, type:

sudo systemctl stop mysql
sudo mysqld_safe --skip-grant-tables

In another terminal

mysql -u root mysql
update user set password=PASSWORD('NEW_PASSWORD') where User='root';
flush privileges;

Please note that the NEW_PASSWORD line needs to be replaced with the password that you want to set for MySQL root.

In the first terminal CTRL+c

In any terminal:

sudo kill `sudo cat /var/run/mysqld/`

And then:

sudo systemctl start mysql

That's it, now your MySQL has a new password.


User: postgres

Password: postgres

How to change PostgreSQL password

sudo systemctl start postgresql.service
sudo -u postgres psql postgres

At the psql prompt, enter the command:

\password postgres
Enter new password:


Username: admin

Password: <Generated during program setup>

To set up the program, run the command:



The Kali's official documentation says:

Username: postgres

Password: postgres

Configuration File: /usr/share/metasploit-framework/config/database.yml

But when trying to connect from msfconsole with these credentials, an error occurs:

Error while running command db_connect: Failed to connect to the Postgres data service: IMPORTANT: user "postgres" did not authenticate (Peer)

Another error option if you do not specify a password:

Error while running command db_connect: Failed to connect to the Postgres data service: fe_sendauth: no password supplied

To fix it, you can do the following. We start the PostgreSQL service, create a new user with (called “user”) with a password and create a database (called “metasploit”) on behalf of this user:

sudo systemctl start postgresql.service
sudo -u postgres createuser user -W
sudo -u postgres createdb -O user metasploit


db_connect user:user_pass@localhost/metasploit

Last Updated on

Recommended for you:

Leave a Reply

Your email address will not be published.