How to change keychain password by command

Hi everyone,

I would like to change another user account's password from an account with root privilege. I've read and tried the following steps.

  1. log in to an account (user1) with root privilege and open the terminal
  2. execute "dscl . -passwd /Users/user2 oldPw newPw"
  3. execute "su - user2"
  4. enter user2's password (i.e., newPw)
  5. execute "security set-keychain-password -o oldPw -p newPw /Users/user2/Library/Keychain/login.keychain-db"

When I log out of user1 and log in as user2, the system pops up "This Mac can't connect to iCloud because of a problem with {Apple id}". It seems that the iCloud keychain is broken. Also, we need to enter oldPw to unlock "> System Preferences > Passwords", but not the newPw. (PS: we can log in as user2 and unlock user2's login.keychain-db with newPw)

However, if we change user2's password in user2's terminal as follows, everything works fine.

  1. log in to user2 and open the terminal
  2. execute "dscl . -passwd /Users/user2 oldPw newPw"
  3. execute "security set-keychain-password -o oldPw -p newPw /Users/user2/Library/Keychain/login.keychain-db"

I've tested this issue on macOS 12.6.9 and 14.1.2. Both of them have this problem. Is this a bug or how can I fix this? (e.g., change iCloud keychain password?) Thanks.
