Change UBUNTU admin passwd using GUI

nss000 · Feb 23, 2014

Gents:

Running UBUNTU_12.04.4

Can I change admin password from a GUI ?

systemtools --> systemsetting--> useraccounts provides **no obvious tool** enabling this change ... infact clicking here-and-there etc. provides no obvious tool to do anything. Mebby it's a REPORTs function only and I should call another process.

Anyrate I'd appreciate a clue for changing my "boss" admin password.

Oh yeah ... assuming nearly the worst should I unplug my system from the web while making this password change?

skittle · Feb 23, 2014

Use the command "passwd" to change password.
https://help.ubuntu.com/community/RootSudo#root_account

nss000 · Feb 23, 2014

Nope. Three times I entered the new hairy passphrase. Three times the CLI rejected it as non-reproduced. Enough. Fyuck this it's not 1957. I quit. That's why you need the GUI version which includes a typographic "spelling goddess" to make sure you don't mis-strike keys or mis-remember decimal points.

skittle :

stillblue · Feb 24, 2014

I don't believe that I have ever used the root admin password in ten years of Ubuntu. What do you want it for? You have a user that has full admin privileges via sudo. That password can be changed via a gui system settings user accounts unlock the settings in the upper right corner and change your password.

randomizer · Feb 24, 2014

nss000 :

If you are having that much trouble typing the password when setting it, aren't you concerned that you may have just as much trouble the next time you want to log in as root? Maybe you should rethink your password.

nss000 · Feb 24, 2014

Need I remind you gentlemen: Usrland FAILS are **never** the users fault. Ever. //snarky cut-throat rant removed ....//

Gents:

Exactly!! Generic usrland admin passwd not ROOT! I cannot find a way to get a/the/some/mythical GUI passwd changer working as I said in the first post. OFCOURSE I need a **plain text** display of the pasword while I enter it and re-enter ... any normal person does cause how-else do you know you entered it the way you wanted?
******************************************
I don't believe that I have ever used the root admin password in ten years of Ubuntu. What do you want it for? You have a user that has full admin privileges via sudo. That password can be changed via a gui system settings user accounts unlock the settings in the upper right corner and change your password.

*************************************

I have been very impressed by improvements in passwd cracking. Crackers care-not for my personal memory weakness. So I wanted to go 20+ and of-course write-nothing-down as is best practice so I read. Result? FAIL!
*****************
If you are having that much trouble typing the password when setting it, aren't you concerned that you may have just as much trouble the next time you want to log in as root? Maybe you should rethink your password.

skittle · Feb 24, 2014

passwd will have you to retype the new password to check if it was input correctly. I purpose that if you cannot correctly input your password twice then perhaps it is too complicated.

nss000 · Feb 24, 2014

BigS:

This is a pretty silly thread ... and I am of-course responsible for creation/upkeep of my own passwords. So ignore my false-pleadings ...

What IS serious IMHO is rapid devaluation of traditional 8-10-12 digit passcodes.
I understand many incautious but non-obvious choices can be broken in less than a minute. So I really really was trying to attack what I judged a serious issue, and create a robust 20-30 digit MEMORABLE passphrase for my new box. Something good for the next 5 years. I picked a honey that only an XX & YYY imagining ZZZZ would find intuitive! But, even with planning & foresight I failed-to-pass-go and that is no silly matter.

Excuse me could you please pass the aluminum pot bubbling with spagetti sauce?

skittle :

skittle · Feb 24, 2014

Relevant xkcd on password strength
http://xkcd.com/936/
http://www.explainxkcd.com/wiki/index.php/936:_Password_Strength
Pick something you remember it does not have to be some 20 character random alphanumerical alphabet soup.

stillblue · Feb 25, 2014

I have the advantage of speaking a language that has no dictionary so it's pretty secure. If you are that parano...er...worried get a finger scanner and use incredibly complex passwords and register them in the scanner.

randomizer · Feb 25, 2014

A strong password is a good idea and we're not berating you for trying to set one. It just sounds like you're trying something that is over-complicated, rather than something that you can actually remember and (equally importantly) type correctly. In reality I don't think many people are going to be interested in cracking your local admin password anyway (unless this is for something other than a home PC). There are far more valuable targets than that, and many of them are weaker. People often have their web browser save passwords, but these are trivially accessible with the default browser configuration and certainly don't require escalated permissions. In fact escalated permissions are only really needed if you want to cause system-wide harm to the PC, and that's a pretty big waste of time when most of the valuable things are probably stored in directories accessible by a normal user.

nss000 · Feb 25, 2014

BigS:

I LOOKED at the 'xkcd' example and was not happy. If an attacker KNOWS a passphrase has no-numbers, no-CAPITALS and no punctuation marks ... and is comprised only of 3-4-5 letter dictionary words ... then I make that protection not-long for this world. Besides I couldn't even remember the damm example because it is not euphonous(?!) hairyscaryunclelarrylivesanddiestoboffhismary ... I can remember THAT.

skittle :

skittle · Feb 25, 2014

Ok here. numbers you can understand:
4 random words from a small 2000 word dictionary.
NPR(2000,4)=1.6*10^13 possible passwords
NPR(2000,5)=3.18*10^16 possible passwords

For comparison:
9 digit password made of random lowercase letters
=26^9= 5.42*10^12 possible passwords.

8 digit password consisting of random lowercase and uppercase letters
=52^8=5.35*10^13 possible passwords

7 digit password consistting of random lowercase, uppercase, digits and ten other symbols.
=72^7=1.00*10^13 possible passwords

9 digit password consistting of random lowercase, uppercase, digits and ten other symbols.
=72^9 = 5.2*10^16 possible passwords.
this puts us in the same order of magnitude as 5 random dictionary words.

USAFRet · Feb 25, 2014

And writing down a password is not necessarily a bad idea.

I have mine in a non-descript notepad in my desk here at home. If someone breaks in and steals one of more PC's, it is highly doubtful that they are also going to take some random, seemingly blank notepad, stashed away in a desk drawer. And even if they do, they'd have to be pretty sharp to figure out the pwds are actually constructed.
No.....a thief is going to move that hardware as fast as he can. The next person will just wipe it and move on.

Now.....writing it on a post it and sticking it on the monitor at work? Bad idea.

nss000 · Feb 25, 2014

USAFR:

'And writing down a password is not necessarily a bad idea. I have mine in a non-descript notepad in my desk here at home. If someone breaks in and steals one of more PC's, it is highly doubtful that they are also going to take some random, seemingly blank notepad, stashed away in a desk drawer.'

Having got-up a new memorable passphrase I have indeed transcribed it for the time being. Gub'mnt agents **DO** casually house-break ---see NSA for details --- Your advice to interpose a transcription passphrase within noisy environs is a very good idea.

nss000 · Feb 25, 2014

See here:https://security.stackexchange.com/questions/36246/what-is-the-entropy-of-just-1-diceware-passphrase-like-my-passphrase

A couple years and I'm gestapo toast.

skittle :

skittle · Feb 25, 2014

I would be more worried about Gestapo beating me over the head to get password info than someone using super computer resources to attack me

randomizer · Feb 26, 2014

If you don't run full disk encryption then the Gestapo won't care about your password anyway. They'll just avoid booting your OS and mount the disk as a secondary volume. Even then, passwords, including encryption keys, can be extracted from your head in more ways than one, as skittle hinted at.

If you are of interest to intelligence agencies then you have much more to be concerned about than whether your local admin password is strong. Most drive by attackers don't have supercomputers and don't often target individuals. They're interested in whether you've reused credentials that they extracted from a database dump from some site you signed up to 6 years ago.

nss000 · Feb 26, 2014

Well yes if the Mossad or CIA wants something of mine they are going to get it. All you can do is raise-the-price and avoid being a sheeple. Gawd knows I can't die young. So I DO carry extra **insurance** from Skoda Arms and Dan Wesson. Let's say another 75-M Americans have similar insurance; raise the stakes, eh? G. Gorden Liddy assures us to 'aim for the head' with our 357s. Sounds reasonable. Otherwise, the 1st person thru my front door will be greeted with something that punches holes through both-sides of 3-a armour.

Nope you don't expect to get out alive, but then again do the "security" blackboots have 75-M thugs willing to take-a-bullet for THE MAN ?

stillblue · Feb 27, 2014

nss000 :

Somehow I find this disturbing.

So encrypt your drive, get a thumbreader that senses if you are alive because they could just scan your dead cold fingers otherwise and choose passwords that are completely random digits that even under torture you can't remember and you're good to go. Pray that your thumbreader never breaks.

nss000 · Feb 27, 2014

Yes there is something VASTLY DISTURBING about a free citizen of a republic planning for the violent defence of his data-stores from the Gub'mnt sworn to defend his liberty.

I asked my EE students about "thumbreaders" and they laughed ... every laptop evidently has one and I am hopeless old-foggy to require a 24" screen before I will even look ! They all flashed iPads/iPods/iwhatnots and laughed even more. Most I think are too innocent to worry about 7.62s.

Would I ever recover my own scrambled data? I have little talent for such tasks; plain vanillia hard-drives often disappear and I'm lucky to track them down in SYSTEMS MONITOR. Maxwells equ are more my style. Insuring data by Dan Wesson only works if 75-million people are prepared & willing to defend their front door. I watch the Syrian rebellion UTUBE vids. Whether Sunni or Shia they teach the hard lesson. WAY off topic.

stillblue · Feb 28, 2014

No, if you lose your password on an encrypted drive say goodbye to it and move on.

randomizer · Feb 28, 2014

stillblue :

Probably. Ignoring the obvious option of brute forcing, it depends on the type of drive and when you encrypted it. If you're running an SSD (I know nss000 is not

) and you didn't encrypt it from day 0 then you can not be guaranteed that all of the data on the drive is encrypted, only that new data is encrypted.

nss000 · Feb 28, 2014

Am reading along with interest ... and from these comments I see that "stronger" data privacy comes with built-in premium costs. Those costs include a personal skill-set which becomes non-trivial for stronger privacy. A casual computer lusr would seem to do best choosing modest privacy goals and executing enabling actions consistently. I imagine that action starts with running open-source apps & *nix OS!

stillblue · Mar 1, 2014

Anyone can be hacked, even the DOD from time to time. How often are Yahoo and facebook hacked? 2, 3 times a week it seems like. You go for the level of security that you need. If you have a computer connected to the net then you could be hacked if someone wants to bad enough and has the resources. Out of the billions of people connected I have little fear that someone will want to use those resources on me. Unless you are an active member of MEMBLA or a terrorist group who would want to? Stay away from dictionary words and it becomes very hard to crack your system. Keep sensitive data on a computer not facing the net, surf behind Tor and never say yes to "would you like Firefox to remember your password?" and keep a handy self destruct device from Missions Impossible Я Us.

Change UBUNTU admin passwd using GUI

Distinguished

Splendid

Distinguished

Honorable

Champion

Distinguished

Splendid

Distinguished

Splendid

Honorable

Champion

Distinguished

Splendid

Titan

Distinguished

Distinguished

Splendid

Champion

Distinguished

Honorable

Distinguished

Honorable

Champion

Distinguished

Honorable

Share this page