|Two exclamation marks (`!!`) appear in the password field of the `/etc/shadow` file, which locks the account.|
|Upon the initial log in, the user is now prompted for a new password.|
|`useradd`(8) — The manual page for the [command]#useradd# command documents how to use it to create new users.|
|`userdel`(8) — The manual page for the [command]#userdel# command documents how to use it to delete users.|
|`usermod`(8) — The manual page for the [command]#usermod# command documents how to use it to modify users.|
|User Private Groups|
|User private groups make it safe to set default permissions for a newly created file or directory, allowing both the user and *the group of that user* to make modifications to the file or directory.|
|Using a null password, while convenient, is a highly insecure practice, as any third party can log in first and access the system using the insecure username. Always make sure that the user is ready to log in before unlocking an account with a null password.|
|Using Command Line Tools|
|Using the Users Settings Tool|
|[command]#id#|Displays user and group IDs.
|[command]#useradd#, [command]#usermod#, [command]#userdel#|Standard utilities for adding, modifying, and deleting user accounts.
|[command]#groupadd#, [command]#groupmod#, [command]#groupdel#|Standard utilities for adding, modifying, and deleting groups.
|[command]#gpasswd#|Standard utility for administering the `/etc/group` configuration file.
|[command]#pwck#, [command]#grpck#|Utilities that can be used for verification of the password, group, and associated shadow files.
|[command]#pwconv#, [command]#pwunconv#|Utilities that can be used for the conversion of passwords to shadow passwords, or back from shadow passwords to standard passwords.
|[command]#grpconv#, [command]#grpunconv#|Similar to the previous, these utilities can be used for conversion of shadowed information for group accounts.
|When a new user is created, the account is disabled until a password is set. The Add User menu contains the options to set a password by the administrator immediately, or to allow the user to choose a password at the first login.|
|…where _options_ are command line options as described in xref:Managing_Users_and_Groups.adoc#table-chage-options[chage command line options]. When the [command]#chage# command is followed directly by a username (that is, when no command line options are specified), it displays the specified users current password aging values and allows you to change these values interactively.|
|…where _options_ are command-line options as described in xref:Managing_Users_and_Groups.adoc#table-groupadd-options[Common groupadd command-line options].|
|…where _options_ are command-line options as described in xref:Managing_Users_and_Groups.adoc#table-useradd-options[Common useradd command-line options]. indexterm:[user configuration,command line configuration,passwd] By default, the [command]#useradd# command creates a locked user account. To unlock the account, run the following command as `root` to assign a password:|
|While users can be either people (meaning accounts tied to physical users) or accounts which exist for specific applications to use, groups are logical expressions of organization, tying users together for a common purpose. Users within a group share the same permissions to read, write, or execute files owned by that group.|
|You can configure a password to expire the first time a user logs in. This forces users to change passwords immediately.|