How to disable "change root password" for security reasons.

February 26, 2015 3.6k views


I’m an experienced SysAdmin running Ubuntu 14.04 on a DigitalOcean droplet. I was wondering the other day how the “change root password” function in the control works in practice and if it was possible to disable it for security reasons.


  • The reset password tool that changes the password on your droplet is automatically disabled if you create the droplet using an ssh key rather than password based authentication.

  • Please note that this information is INCORRECT. Using key authentication does not stop “reset root password” from working.

1 Answer

They can gain access without that feature too, you should secure your account with two-step authentication instead.

  • Good point. I’ll get to that when I get my phone fixed. I wish DigitalOcean supported Yubikey though.

  • Yubikey supports OTP, so it supports DigitalOcean two-step authentication as well.

Have another answer? Share your knowledge.