Modify a user password.
First, the user is prompted for their current password. If the current password is correctly typed, a new password is requested. The new password must be entered twice to avoid typing errors.

      passwd [-i infosystem] [-l location] [-u authname] [name]

    -i infosystem
           This option specifies where the password update should be applied.
           Under macOS 10.5 and later, supported directory systems are:

            PAM   (default)  Pluggable Authentication Modules.
            opendirectory    A system conforming to Open Directory APIs and supporting
                             updates (including LDAP, etc).
                             If no -l option is specified, the search node is used.
            file  The local flat-files (included for legacy configurations).
            nis   A remote NIS server containing the user's password.

    -l location
          This option causes the password to be updated in the given location
          of the chosen directory system.
            for file,
                  location can be a file name (/etc/master.passwd is the
            for nis,
                  location can be a NIS domainname
            for opendirectory,
                  location can be a directory node name
            for PAM,
                  location is not used

     -u authname
            This option specifies the user name to use when authenticating to
            the directory node.

     user  This optional argument specifies the user account whose password
           will be changed.  This account's current password might be required,
           even when run as the super-user, depending on the directory system.

The new password should be at least six characters long and not purely alphabetic. Its total length should be less than _PASSWORD_LEN (currently 128 characters) although some infosystems allow longer passwords.

Numbers, upper case letters and meta characters are encouraged. Once the password has been verified, passwd communicates the new password information to the authenticating host.

In modern versions of macOS it is advised to change user passwords with dscl, sysadminctl or the System Preferences pane rather than the traditional unix passwd utility.

Early versions of OSX prior to FileVault will allow a login password to be reset with resetpassword.

/etc/master.passwd The user database
/etc/passwd A Version 7 format password file
/etc/passwd.XXXXXX Temporary copy of the password file


Change the root password, it is advised that you do this if still using macOS High Sierra:

sudo passwd -u root
Enter your password then a new password for the root user.

"Chico : you can't come in unless you give the password...
Well, what is the password?... I got it! Haddock! - Groucho Marx

Related macOS commands

openssl passwd - Compute the hash of a password.
chgrp - Change group ownership.
chmod - Change access permissions.
chown - Change file owner and group.
dscl - Directory Service command line utility.
dsenableroot - Enable root access.
quota - Display disk usage and limits.
who - Print who is currently logged in.
chsh - Add or change user database information/change default shell.
login - log into the computer.
sysadminctl - Administer system user accounts.
If you forgot your Mac login password -
SS64 Password generator
HT102367 - How to enable the root user or change the root password on MacOS.
HT1352 - Firmware password protection in macOS.
Equivalent Windows command: Set-adAccountPassword - Modify the password of an AD account.

Copyright © 1999-2024
Some rights reserved