More about SSD Nodes—simple, high-value VPS cloud computing to help you build amazing experiences on the web.
Development | Mar 17, 2017 | 2 min read

Secure Your VPS With One Simple Password Trick

Written by 

Most people who operate a VPS understand one of the fundamentals of password best practices: never use the same password in more than one location.

But for those who don't quite understand yet, the scenario is simple. Let's say that two years, you used one of your regular passwords to sign up for a webapp to help you make flash cards for those German lessons you were falling behind on. You also used that password for your brand-new VPS, thinking it was strong enough.

You've never been back to that flash card site in the two years since, but in the meantime, the company's databases were hacked, and the contents published online. Even worse, they failed to properly encrypt their user's passwords, which means that yours is now published, in plain text, for anyone to see.

1 hour

Only $116/yr for 48GB RAM and 480GB 960GB NVMe and free backups for LIFE!
Celebrating our 9 year anniversary! Capacity is limited and some deals will sell out. Get yours before they are gone!

Your password, along with all the others, now become a possible attack vector, particularly since it's associated with your email address. Your "strong enough" password is now a wide-open opportunity for those who might want to use your VPS for nefarious ends.

Forcing yourself or other users to change passwords on a semi-regular basis is one of many options for increasing security and mitigating the risk of the aforementioned situation. Of course, we still recommend that you use strong, secure passwords or SSH-based authentication.

The chage command allows you to age passwords according to your needs. You might need to install it using your distribution’s package manager.

To expire your password in 30 days: 

$ sudo chage -M 30 your-user

Or, never: 

$ sudo chage  -M 99999 -E 99999 your-user

Once you’ve set these variables, you can see them using the same command. 

$ sudo chage --list your-user

Starting 7 days before the expiration date, that user will begin to see warnings when theyssh into the server.

You can also expire another user’s current password using the passwd command. The next time they try to log in, they’ll be asked to enter their current password and change it to a new one. 

$ sudo passwd -e other-user

To change your own password at any time, use the passwd command. 

$ sudo passwd your-user

Tags:

You might also like:

Stop being a server ignoramus. Enter your email to subscribe to our weekly newsletter.

You're subscribed!