The locking screen password will change immediately after changing the user's password?

I forget the locking screen password of A user which I’m working at. I can login B user, and with root password I can change A user’s password, will the the locking screen password change immediately and let me enter the desktop?

I cannot exactly follow what you do there. but there is but one password for a user and it is used by the login software (CLI or GUI) and also by the screen locking software of the desktop in use.

Possibly not. – If a user changes their password then, that particular user has to first logout and then, log back in again to activate the password change.


Possibly, the only solution is, to “su --login” to the affected user with the new password and then, clean up whatever that user has currently executing and then, logout the affected user and, kill any remaining processes that are executing with that UID – the UID of the affected user.
Then, log the affected user back into a graphical desktop session with, the new password …

I am not sure about that. That would imply that de desktop (that is providing the “lock screeen” feature) is caching the encrypted password, which I doubt because I see no reason for it.

The encrypted password is in /etc/shadow and is changed when the passwd command is used.
Any application that thinks it should check the users password will read it from the user, encrypt it and compare with the encrypted password in /etc/shadow .
I see no reason to cache it.

@hcvv:

Tested it just now with a test user – SDDM and KDE Plasma 5 desktop – you’re right/correct.

  • mea culpa, mea culpa, mea maxima culpa

OK – that means, if an administrator changes a “locked out” user’s password, the affected user can use that new password to unlock their graphical desktop session …

  • At least for the case of SDDM and KDE Plasma 5 desktops …

Two different items.

  • Login programs like SDDM, KDM, GDM, Lightdm, etc., etc. and of course for the CLI login use the password for the session login.
  • KDE and other desktops that have a “screen lock”, a better name might be “session lock” feature, use it for unlocking.

Two different things.

To my knowledge, password checks (and the APIs that perform them) are always done against the authentication source, never against cached information.

Because password information is not cached - doing so would be a security issue.

So, to answer OP’s question: Changing a user’s password when their session is locked should always allow you to unlock the session.