I have a user account on Ubuntu 18.04 which appears to be locked and cannot be unlocked.

If I try to use sudo, then I receive an error "incorrect password". I know that I am typing in the correct password.

user@server:/root$ sudo touch test
[sudo] password for user: 
Sorry, try again.
[sudo] password for user: 

If I switch to root and then try to login I receive an error that the account is locked due to too many failed password attempts.

+[root@server:~] 1 # login user
Account locked due to 49 failed logins

I have tried to unlock the account with the following two commands:

+[root@server:~] 130 # passwd -u user
passwd: password expiry information changed.
+[root@server:~] # 

Here is the output of --status

+[root@server:~] 6 # passwd -S user
user P 06/15/2020 0 99999 7 -1
+[root@server:~] # 

I have also tried the following command to unlock:

+[root@server:~] # usermod -U user
+[root@server:~] # 

However I still receive the error when I use the login command:

+[root@server:~] # login user
Account locked due to 50 failed logins

Login incorrect
server login: 

No matter how many times I try these unlock commands, I still am unable to use sudo or login with the login command.

It appears like my account is "locked" via another mechanism.

What am I doing wrong? How can I unlock this account?

  • Hi and welcome to SuperUser. Could you add some more information? For example whether you use some sort of directory service. What PAMs are involved and if (plus what) is visible from log files such as auth.log?! Commented Jun 15, 2020 at 7:43

2 Answers 2



I understand that you have the problem with user "user". You could use the pam_tally2 command:

$ -> whatis pam_tally2
pam_tally2 (8)       - The login counter (tallying) module


pam_tally2 --user=user --reset

You can check if the counter is reset with:

pam_tally2 --user=user
  • This worked! Why is this so hidden, why is this not documented anywhere I could find... how was I supposed to know this? Is this common?
    – Nate Houk
    Commented Jun 15, 2020 at 16:49
  • Hi, Nate. When something happens once with pam, then the solution is close for experience. There is a lot information about pam as [ man7.org/linux/man-pages/man8/pam_tally2.8.html ]. Regards.
    – Adrian
    Commented Jun 15, 2020 at 16:53

The reason is because, your login is locked by the pam module for exceeding the deny variable, generally set in /etc/pam.d/common-auth.

The methods you have tried would work, if the password or account were locked/expired in the /etc/shadow file instead.

I second @Adrian's answer here. Adding up to it

"pam_tally2 module is used to lock user accounts after certain number of failed ssh login attempts made to the system. This module keeps the count of attempted accesses and too many failed attempts."

To get the failure count, use.

sudo pam_tally2 --user=$USER

To reset the count to 0 and unlock your account

sudo pam_tally2 --user=$USER --reset

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .