|You can configure a password to expire the first time a user logs in. This forces users to change passwords immediately.|
|While users can be either people (meaning accounts tied to physical users) or accounts which exist for specific applications to use, groups are logical expressions of organization, tying users together for a common purpose. Users within a group share the same permissions to read, write, or execute files owned by that group.|
|…where _options_ are command-line options as described in xref:Managing_Users_and_Groups.adoc#table-useradd-options[Common useradd command-line options]. indexterm:[user configuration,command line configuration,passwd] By default, the [command]#useradd# command creates a locked user account. To unlock the account, run the following command as `root` to assign a password:|
|…where _options_ are command-line options as described in xref:Managing_Users_and_Groups.adoc#table-groupadd-options[Common groupadd command-line options].|
|…where _options_ are command line options as described in xref:Managing_Users_and_Groups.adoc#table-chage-options[chage command line options]. When the [command]#chage# command is followed directly by a username (that is, when no command line options are specified), it displays the specified users current password aging values and allows you to change these values interactively.|
|When a new user is created, the account is disabled until a password is set. The Add User menu contains the options to set a password by the administrator immediately, or to allow the user to choose a password at the first login.|
|[command]#id#|Displays user and group IDs.
|[command]#useradd#, [command]#usermod#, [command]#userdel#|Standard utilities for adding, modifying, and deleting user accounts.
|[command]#groupadd#, [command]#groupmod#, [command]#groupdel#|Standard utilities for adding, modifying, and deleting groups.
|[command]#gpasswd#|Standard utility for administering the `/etc/group` configuration file.
|[command]#pwck#, [command]#grpck#|Utilities that can be used for verification of the password, group, and associated shadow files.
|[command]#pwconv#, [command]#pwunconv#|Utilities that can be used for the conversion of passwords to shadow passwords, or back from shadow passwords to standard passwords.
|[command]#grpconv#, [command]#grpunconv#|Similar to the previous, these utilities can be used for conversion of shadowed information for group accounts.
|Using the Users Settings Tool|
|Using Command Line Tools|
|Using a null password, while convenient, is a highly insecure practice, as any third party can log in first and access the system using the insecure username. Always make sure that the user is ready to log in before unlocking an account with a null password.|
|User private groups make it safe to set default permissions for a newly created file or directory, allowing both the user and *the group of that user* to make modifications to the file or directory.|
|User Private Groups|
|`usermod`(8) — The manual page for the [command]#usermod# command documents how to use it to modify users.|
|`userdel`(8) — The manual page for the [command]#userdel# command documents how to use it to delete users.|
|`useradd`(8) — The manual page for the [command]#useradd# command documents how to use it to create new users.|
|Upon the initial log in, the user is now prompted for a new password.|
|Two exclamation marks (`!!`) appear in the password field of the `/etc/shadow` file, which locks the account.|
trap "" 1 2 3 15
|To make changes to the user accounts, first select the btn:[Unlock] button and authenticate yourself as indicated by the dialog box that appears. Note that unless you have superuser privileges, the application will prompt you to authenticate as `root`. To add and remove users, select the btn:[+] and btn:[-] button respectively. To add a user to the administrative group `wheel`, change the Account Type from `Standard` to `Administrator`. To edit a user's language setting, select the language and a drop-down menu appears.|
|To assign a null password instead, use the following command:|