How to manage users and passwords on Raspberry Pi

At this point in the Raspberry Pi section, we have already seen different ways to install Raspbian and how to configure most of the important options. We leave for this entry the management of users and passwords in Raspberry Pi due to its vital importance for the security of the system.

Indeed, one of the main security measures of any system is a correct configuration of users and their passwords. Raspberry Pi, of course, is no exception.

Leaving the default password on your Raspberry Pi might be “more or less acceptable” for test systems connected only locally (and even then, you should get used to changing it).

But if you open access to the Internet, leaving the default username and password is a serious security flaw, and a great way to demonstrate how fast Internet pirate bots act.

Besides changing the password, which as we said is a basic and essential security measure, it is also highly recommended to change the default user. This makes your Raspberry Pi more secure, as knowing the username is roughly half the job for the “bad guys,” and the harder we make it for them, the better.

Fortunately, managing permissions, passwords, groups, and users, as well as configuring security, are one of the strong points of Linux-based systems like Raspbian.

So, in this entry, we will dedicate a little work to see the management of users and passwords in Raspberry Pi, an essential security tool in any computer system.

Default Raspberry Pi Password

Just as a reminder, the default password in Raspbian is:

You will only need it for the first system boot, because you are going to change it immediately, right? Again, do not leave the default password.

Change Raspberry Pi Password

To change our user’s password, from a command console, we use the command:

Next, we type the current password and then the new one twice.

If we want to change another user’s password, we simply add the username as a parameter

sudo passwd nombreUsuario

Where nombreUsuario is the name of the user whose password we want to change. Obviously, we can only perform this action if we are root users of the system.

Create and Delete Users

Managing users is another maintenance task for any system. Even if you are the only user, after a Raspberry Pi installation, it is advisable to create your own user, log in with it, and then delete the default ‘Pi’ user.

To create a new user, we use this command:

Deleting a user is just as easy, using the command:

That easy! On the other hand, sometimes you will see an alternative way to create and delete users, using the commands ‘useradd’ and ‘userdel’. The existence of two sets of commands can cause some confusion.

The explanation is that ‘useradd’ and ‘userdel’ are system binaries, while ‘adduser’ and ‘deluser’ are Perl scripts that use the aforementioned binaries.

We should get used to using exclusively the previous ‘adduser’ and ‘deluser’ from the command console. Meanwhile, ‘useradd’ and ‘userdel’ are more intended for use in scripts. However, here is the syntax for these alternative commands.

User Session Management

Some additional useful commands for controlling user sessions. First, to end the session we use the command:

If during a session we want to act briefly as another user, without logging out, we can temporarily switch with the following command

To end this “temporary session” and return to our “normal” user, we simply do:

If we want to see the name of the user we are currently connected as, we use:

We can also list all users connected to the system with the command:

who

Finally, if we want to get a record of the last login of users, we can use:

lastlog

That covers the basics of managing users, passwords, and user sessions. Of course, there are many more related commands and options, but this covers most needs.

In the next entry, we will see the management of user groups, another basic aspect for system security, which facilitates the management of permissions and users. See you soon!