Change passwords for multiple cPanel accounts (bulk password reset)

Geeks and repetitive tasks

The other day I needed to change passwords for multiple cPanel accounts. Since there was a lot accounts in question, changing passwords manually was out of the question. Changing passwords from shell using passwd utility was also out of the question because that would change only the password for Unix user - MySQL and FTP passwords would remain unchanged. In the end I wrote a simple script which automates changing system, FTP and MySQL passwords for cPanel user.

The script allows you to either specify the new password for each account or generate a random one. So, if you want to change passwords for multiple cPanel accounts and set your own passwords, you will need to put the list of usernames and their passwords into a text file with the following format:

user1 password1
user2 password2
userN passwordN

Afterwards you can run the script with the following command:

# ./cpanel-chpasswd --no-random /path/to/credentials_file

If you don’t want to specify new passwords, you can let the script to generate random passwords. In this case, you’ll need to put all usernames into text file (one username per line) and run the script with the following command:

# ./cpanel-chpasswd --random /path/to/credentials_file

While the script executes, its output will be printed on stdout. Since the new passwords will be printed on stdout as well, you will probably want to redirect the output to an file on disk, just to have all the changes that were made on record.

You can download cpanel-chpasswd script or copy it from bellow.

Update: As Branko Toić commented bellow, to change passwords from command line instead from WHM, in newer cPanel versions it’s necessary to export ALLOW_PASSWORD_CHANGE variable. The script in this tutorial, as well as the one available for download is updated to meet this requirement.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
#!/bin/bash
  
# This is wrapper script for bulk cPanel account password change
#
# Copyleft: 2012 - Sasa Tekovic - http://www.tekovic.com
  
chpasswd() {
    # export password change variable for newer versions of cPanel
    export ALLOW_PASSWORD_CHANGE=1
    # Check if the script was given an argument
    if [ -z "$2" ]; then
        usage
    fi
    # Check if specified file exists
    if [ ! -f "$2" ]; then
        echo -e "The specified file ($2) doesn't exist!\n"
        usage
    fi
  
    for user in `awk {'print $1'} $2`; do
        if [ "$1" = "--no-random" ]; then
            # Parse password
            password=$(grep -E "^$user\b" $2 | awk {'print $2'})
        else
            # Generate random password
            password=`</dev/urandom tr -dc A-Za-z0-9 | head -c 10`
        fi
  
        # Change password for cPanel user
        /scripts/realchpass $user $password
  
        # Change password for MySQL user
        echo "Changing MySQL password for user $user"
        /scripts/mysqlpasswd $user $password
        echo "MySQL password for $user has been changed"
        echo -e "New password for $user is: $password\n"
    done
   
  #Sync FTP passwords
  /usr/local/cpanel/bin/ftpupdate
  exit 0
}
  
usage() {
    echo "Usage: $0 { --random | --no-random } /path/to/credentials_file"
    echo "Credentials file must be formatted like:"
    echo -e "username1 password1\nusername2 password2\n...       ...\n"
    echo "If using random password generation, credentials file must contain only username (one per line)"
    exit 1
}
  
case $1 in
    --random)
        chpasswd $1 $2
        ;;
    --no-random)
        chpasswd $1 $2
        ;;
    *)
        usage
        exit 1
esac
  
exit 0