Why does my droplet's password change for no reason after a while?

So after resetting the password, which was received by email, I log into the droplet and it asks me to make my own password which I do. Now after I while, when I try to log in again, the password is ‘changed’ as my existing one no longer works. I am 99% sure I haven’t tried changing it so I have no idea why it does this. Afterwards when this happens, I have to reset my password again by email to log into my droplet.


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Unfortunately if your password is truly changing like that, your server may have been compromised. By default, Ubuntu does not expire or change passwords automatically. It is possible to set them to expire after a certain time period, but the flow for that is the same as when you first login. You’ll be asked for the old one and then to set a new one.

Review /var/log/auth.log and see if there have been successful login attempts from unknown IP addresses. You can also use the lastlog command to see if there have been logins from unknown user accounts.

This tutorial is good starting point for taking steps to secure your server: