Entering a password incorrectly too many times happens to all of us. It could be when logging in to the desktop or when running a sudo command from the command line as a user. After 3 failed attempts sudo will lock that user account from logging in for a period.
Here’s how to reset sudo so they can log in again immediately. Here is me deliberately entering an incorrect password three times for user <USER>:
$ sudo -i
[sudo] password for <USER>:
Sorry, try again.
[sudo] password for <USER>:
Sorry, try again.
[sudo] password for <USER>:
sudo: 3 incorrect password attempts
This will also print lines like the following to the systemd journal:
sudo[21979]: pam_faillock(sudo:auth): Consecutive login failures for user <USER> account temporarily locked
sudo[21979]: <USER> : 3 incorrect password attempts ; TTY=pts/3 ; PWD=/root ; USER=root ; COMMAND=/bin/bash
First, the following command (run as root) will show you any accounts that are currently locked:
# faillock --user <USER>
<USER>:
When                Type  Source      Valid
2023-05-13 13:39:10 TTY   /dev/pts/3      V
2023-05-13 13:39:13 TTY   /dev/pts/3      V
2023-05-13 13:39:15 TTY   /dev/pts/3      V
Simply unlock them with the following command, again as root:
# faillock --user <USER> --reset
The user is now unlocked and can log in and/or run sudo again.
The user can also be unlocked by deleting the lock file that sudo checks, which has the same effect:
# rm /var/run/faillock/<USER>
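A check worth running before either reset above, as an added example that is not part of the original post: it summarises the faillock listing into a count of valid failures and the distinct sources they came from. The function names, the sample user alice and DENY=3 are assumptions, and the sample listing is constructed to mirror the one shown earlier.

```shell
#!/bin/sh
# Added example: summarise `faillock --user NAME` output before resetting it.
# DENY=3 is an assumption matching the three attempts shown on this page; the
# effective threshold is the "deny" value in the system's pam_faillock setup.
DENY=3

# Constructed sample in the same layout as the listing above (user "alice").
sample_output() {
    cat <<'EOF'
alice:
When                Type  Source      Valid
2023-05-13 13:39:10 TTY   /dev/pts/3      V
2023-05-13 13:39:13 TTY   /dev/pts/3      V
2023-05-13 13:39:15 TTY   /dev/pts/3      V
EOF
}

# Reads faillock output on stdin, prints: USER VALID_COUNT STATE SOURCES
faillock_summary() {
    awk -v deny="$DENY" '
        /^[^ ]+:$/   { user = substr($0, 1, length($0) - 1); next }  # "name:" line
        $1 == "When" { next }                                        # column header
        NF >= 5 && $NF == "V" {                # only records still marked valid count
            valid++
            src = $3 ":" $4                    # e.g. TTY:/dev/pts/3 or RHOST:host
            if (!(src in seen)) { seen[src] = 1; list = (list ? list "," : "") src }
        }
        END {
            state = (valid >= deny) ? "LOCKED" : "ok"
            printf "%s %d %s %s\n", user, valid, state, (list ? list : "-")
        }'
}

# Real use (as root): faillock --user alice | faillock_summary
sample_output | faillock_summary
```

A source other than the user's own terminal, or more failures than the user remembers making, is worth looking into before the records are cleared.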