Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Overview
Administrators can reset a user's password if the user forgets the password, if the user gets locked out, or if the user never received a password.
Note
If you're not an administrator and you need instructions on how to reset your own work or school password, see Reset your work or school password.
Unless your tenant is the home directory for a user, you can't reset their password. This means that if your user is signing in to your organization using an account from another organization, a Microsoft account, or a Google account, you also can't reset their password.
If your user has a source of authority as Windows Server Active Directory, you can only reset the password if you turned on password writeback and the user domain is managed. Changing the user password for federated domains isn't supported. In this case, change the user password in the on-premises Active Directory.
If your user has a source of authority as External Microsoft Entra ID, you can't reset the password. Only the user, or an administrator in that tenant, can reset the password.
Prerequisites
You must have at least the following role to reset a user's password.
To reset a password
Follow these steps:
Sign in to the Microsoft Entra admin center as at least a Password Administrator.
Browse to Entra ID > Users.
Select the user that needs the reset, then select Reset password.
The Alain Charon - Profile page appears with the Reset password option.
In the Reset password page, select Reset password.
Note
When you're using Microsoft Entra ID, Microsoft Entra ID autogenerates a temporary password for the user. When using Active Directory on-premises, you create the password for the user.
Copy the password and give it to the user. The user must change the password during the next sign-in process.
Note
The temporary password never expires. The next time the user signs in, the password still works, regardless of how much time has passed since the temporary password was generated.
Important
If an administrator can't reset the user's password, and the Application Event Logs on the Microsoft Entra Connect server has error code hr=80231367, review the user's attributes in Active Directory. If the attribute AdminCount is set to 1, this prevents an administrator from resetting the user's password. The attribute AdminCount must be set to 0, for administrators to reset the user's password.