Modify a user password.
First, the user is prompted for their current password. If the current password is correctly typed, a new password is requested. The new password must be entered twice to avoid typing errors.

      passwd [-i infosystem] [-l location] [-u authname] [name]

    -i infosystem
           This option specifies where the password update should be applied.
           Under Mac OS X 10.5 and later, supported directory systems are:

            PAM   (default)  Pluggable Authentication Modules.
            opendirectory    A system conforming to Open Directory APIs and supporting
                             updates (including LDAP, etc).
                             If no -l option is specified, the search node is used.
            file  The local flat-files (included for legacy configurations).
            nis   A remote NIS server containing the user's password.

    -l location
          This option causes the password to be updated in the given location
          of the chosen directory system.
            for file,
                  location can be a file name (/etc/master.passwd is the
            for nis,
                  location can be a NIS domainname
            for opendirectory,
                  location can be a directory node name
            for PAM,
                  location is not used

     -u authname
            This option specifies the user name to use when authenticating to
            the directory node.

     user  This optional argument specifies the user account whose password
           will be changed.  This account's current password might be required,
           even when run as the super-user, depending on the directory system.

The new password should be at least six characters long and not purely alphabetic. Its total length should be less than _PASSWORD_LEN (currently 128 characters) although some infosystems allow longer passwords.

Numbers, upper case letters and meta characters are encouraged. Once the password has been verified, passwd communicates the new password information to the authenticating host.

/etc/master.passwd The user database
/etc/passwd A Version 7 format password file
/etc/passwd.XXXXXX Temporary copy of the password file


Change the root password, it is advised that you do this on macOS High Sierra:

sudo passwd -u root
Enter your password then a new password for the root user.

"Chico : you can't come in unless you give the password...
Well, what is the password?... I got it! Haddock! - Groucho Marx

Related macOS commands:

openssl passwd - compute the hash of a password
chgrp - Change group ownership
chmod - Change access permissions
chown - Change file owner and group
dsenableroot - Enable root access
quota - Display disk usage and limits
who - Print who is currently logged in
chpass - unix password change (not really used under macOS)
login - log into the computer
SS64 Password generator
kb/HT1352 - Firmware password protection in macOS
Equivalent Windows command: Set-adAccountPassword - Modify the password of an AD account.

Copyright © 1999-2019
Some rights reserved