you could do something prompt them for a password, grab the salt from the encrypted password in the shadow file, use the crypt function with that salt, if it matches, prompt for the new password, get a random salt and use the crypt() function to create the new encrypted password, then write it to the shadow file.