Authentication token manipulation error when logging in as root for first time

Posted September 23, 2014 28.4k views

Setup a new droplet and trying to login as root - after it says i need to change my password, I receive the following error:

Authentication token manipulation error

ANd takes me back to the login prompt.. any ideas? This is on Centos 6.5 and 7.0..

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
5 answers


When it asks you to change the password, the first thing you need to input is the current password.

You are required to change your password immediately (root enforced)
Changing password for root.
(current) UNIX password: 
Enter new UNIX password: 
Retype new UNIX password: 

If that is entered incorrectly, you will get the “Authentication token manipulation error” and be logged out.

If you’re still having issues, you can reset the password in the DigitalOcean control panel:

  • This thing happenned to me, just now! just rejects authentication of the same pass I have been using. Is there a way to reset a different users password without supplying current passwrd?

    Ubuntu 14.04 x64
    public-private ssh-key 

    [ Edited ]

    When I am root I dont get prompt for current password. Is this a symptom of a hack ;)

When you get requested to change your passoword, FIRST put in your CURRENT password then the NEW password then VERIFY the NEW password.

Correct, I typed in exactly what the email said (even copied/pasted into the ssh shell) and still get the same error.

I get this same error on CentOS 7.
Try to change the root password with the reset tool, when CentOS ask me to enter a new password I got kick out from SSH and not able to log in again.

Any advice?

[root@my ~]# passwd myuser
Changing password for user myuser.
passwd: Authentication token manipulation error
[root@my ~]# pwconv
[root@my ~]# passwd myuser
Changing password for user myuser.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@my ~]#