When altering a password, the program prompts for the current password and then for the new one. The caller must supply both. The new password must be typed twice to forestall mistakes.
New passwords must be at least four characters long if they use a sufficiently rich alphabet and at least six characters long if monocase. These rules are relaxed if you are insistent enough.
Only the owner of the name or the super-user may change a password; the owner must prove he knows the old password.
Use yppasswd to change your password in the network yellow pages. This will not affect your local password, or your password on any remote machines on which you have accounts.
When altering a login shell, passwd displays the current login shell and then prompts for the new one. The new login shell must be one of the approved shells listed in /etc/shells unless you are the super-user. If /etc/shells does not exist, the only shells that may be specified are /bin/sh and /bin/csh.
The super-user may change anyone's login shell; normal users may only change their own login shell.
When altering the GECOS information field, passwd displays the current information, broken into fields, as interpreted by the finger(1) program, among others, and prompts for new values. These fields include a user's ``real life'' name, office room number, office phone number, and home phone number. Included in each prompt is a default value, which is enclosed between brackets. The default value is accepted simply by typing a carriage return. To enter a blank field, the word ``none'' may be typed. Below is a sample run:
Passwd allows phone numbers to be entered with or without hyphens. It is a good idea to run finger after changing the GECOS information to make sure everything is setup properly.
The super-user may change anyone's GECOS information; normal users may only change their own.