If you decide to use a Kali Linux live image, the Kali Linux default root password is toor – the word root reversed. Easy to remember, right? This is the default root password on all Kali Linux i386, amd64, VMware, or ARM live images.
Also note that starting with Kali Linux 2020.x, the default password for the kali user is kali
Here is a table you can screenshot to remember the default Kali Linux password easily next time.
|Default Username||Default Password|
It is highly recommended to change the default Kali Linux passwords for your user [kali] and root [toor] for security reasons, especially if you connect Kali Linux to the Internet.
It literally takes a few seconds for an attacker to find out what operating system you’re using and log in using the default Kali credentials. And with that, your computer, as well as the network behind it, is compromised.
If you decide to install Kali Linux instead of using a live image, you will be prompted to configure your username and root passwords for your system during the installation.
Change Kali Linux Default root password
To change the default root password in Kali [toor] is as easy as changing any password for any user in the system. In the terminal, type the following command:
sudo passwd root
When you are prompted, type the password for the kali user. Then type and confirm the new password for the root user.
Here is a hypothetical example again. Use a different password than the one used in this example:
[sudo] password for kali: kali <or the new password changed in the previous step>
New password: [email protected]
Retype password: [email protected]
That’s it. You just changed your Kali Linux default root password! The change takes place immediately. Now let’s secure the default password for the kali user as well.
How To Change the Password For Kali User
Alright. The default root password on Kali is now secured. But we still have a vulnerability: the kali user. Let’s change the default password for the kali user now.
The process is as simple and straightforward as changing the root password above. Open a terminal and execute the following command:
sudo passwd kali
You will be asked to type the current password [kali] for the kali user. Then type and confirm the new password.
Here is a hypothetical example for you to understand. Use a different password than the one I used below.
[sudo] password for kali: kali
New password: [email protected]#$
Retype password: [email protected]#$
Note that you won’t be able to see your passwords while typing them in the terminal. This is a security measure widely implemented on the Linux/UNIX systems.
Make sure you chose a strong password that you can remember.
Good Practices To Stay Safe
The most vulnerable part of an attack is usually the human being. An experienced attacker will look beyond the target machines and do some social engineering to understand the people using the keyboard.
Breaking a password is probably the holy-grail achievement of a hacker. Here are a few tips to make sure that doesn’t happen:
- Use a strong password containing capital and small letters, numbers, and special symbols. The longer, the better.
- Never share your passwords [especially for root]. If you do so, make sure you immediately change all the passwords on your system [root and users].
- Never write down your password. You never know who may see it and use it without your consent.
- Don’t disable the login screen. Though convenient, it is the easiest way to forget a password.
You can change the Kali Linux default root password as many times you want – as long as you can remember it.
This is a simple yet important process often overlooked by beginners. It takes roughly the same amount of time for you to change the default passwords as for an attacker to break into your system. Remember that!
If you found this guide useful, please do me a favor and share it around – it really makes a difference.
But most importantly: stay safe.