How to check the lock status of any user account in Linux

In my last article I had showed you the steps to keep track of commands executed by individual users and to check the login time of respective users in your Linux box.

Here I will show you few commands which I know can be used to see if any user account on your Linux machine is locked.

 

Case 1: Password Locked

In this case the password of any account is locked using the below command

To lock the password

# passwd -l user1
Locking password for user user1.
passwd: Success

Review the status in /etc/shadow

# grep user1 /etc/shadow user1:!!$6$ciJaoDR9$Qpt9sctRLjbZ4/Agxy9UOvu/XQqNrFo9rpgfZ/xrF/8JphkEvF29ITpef0SVLdJcrpv8Q/.6mRAHee4tZT0r11:16299:0:99999:7:::

As you can see above two exclamation mark (!!) before the encrypted password which means that the password has been locked

To unlock the password

# passwd -u user1
Unlocking password for user user1.
passwd: Success

 

Case 2: Account is Locked

In this case the user account might have been locked by the administrator

To lock an account

# usermod -L user1

Review your /etc/shadow file for the changes

# grep user1 /etc/shadow
user1:!$6$ciJaoDR9$Qpt9sctRLjbZ4/Agxy9UOvu/XQqNrFo9rpgfZ/xrF/8JphkEvF29ITpef0SVLdJcrpv8Q/.6mRAHee4tZT0r11:16299:0:99999:7:::

As you see an extra single exclamation mark(!) appeared in the password section before the encrypted password starts which signifies that the user account is locked

To unlock a user account

# usermod -U user1

 

Case 3: Password never set

This can also be the scenario where the administrator has not assigned any password due to which the user is not able to login

So to verify this again you need to check your /etc/shadow file

# grep user1 /etc/shadow
user1:!!:16299:0:99999:7:::

As you see two exclamation mark(!!) is there but no encrypted password which means a password is not set.

If the password was set without lock your /etc/shadow would look like something below

# grep user1 /etc/shadow
user1:$6$ciJaoDR9$Qpt9sctRLjbZ4/Agxy9UOvu/XQqNrFo9rpgfZ/xrF/8JphkEvF29ITpef0SVLdJcrpv8Q/.6mRAHee4tZT0r11:16299:0:99999:7:::

 

Check the lock status of any Linux Account

Now one single command to see the lock status of the user

# passwd -S user1
user1 LK 2014-08-17 0 99999 7 -1 (Password locked.)

If the user account is unlocked you will output like below

# passwd -S user1
user1 PS 2014-08-17 0 99999 7 -1 (Password set, SHA512 crypt.)

5 thoughts on “How to check the lock status of any user account in Linux”

  1. Hi Pankaj,

    /etc/passwd doesnot contains the encrypted password, it will only contain "x" if a password is assigned

    encrypted form of password is visible in /etc/shadow

    Reply
  2. kernel patching is installing of new kernel upgraded one, after installing new kernel you need to restat the box to take new kernel boot .

    Reply

Leave a Comment