As an admin, you can reset a user’s password if they request it or if they’re locked out. You can use this process to reset passwords for a specific user(s) and all users.
Required packages and permissions
Supported in: Lumary DC
Permission: System administrator
To reset a user’s password:
- Select the gear icon.
- Select Setup.
- In Quick Find, type "users", then select Users.
- Select the checkbox next to the user whose password you want to reset. Additionally, to change the passwords for all currently displayed users, tick the checkbox in the column header to select all rows. You can also select specific users.
- Click Reset Password. The user(s) receives an email that contains a link and instructions to reset their password.
A password created this way doesn’t expire, but users must change the password the first time they log in.
Show/hide animation
Reset users' passwords as an admin
Remember when resetting passwords:
- Only an admin can reset single sign-on (SSO) user passwords.
- After resetting a password, users are sometimes required to activate their devices to successfully log back in.
- Resetting a locked-out user’s password automatically unlocks the user’s account.
- When a user loses a password, they can click the Forgot password link on the login page to receive an email with steps to reset it. The user must answer the security question correctly to reset the password. In Password Policies, you can customise the security question page with information about where to go for help.
Note: If the user hasn’t set a security question or doesn’t answer the security question correctly, the password will not reset.
A user can request to reset a password through the Forgot password link a maximum of 10 times in a one-hour period. They can successfully change their passwords through this link up to five times in one hour. Administrators can reset a user’s password as often as needed.
- When you reset a user’s password, Salesforce also resets the user’s security token and sends the user an email with the new security token.
- If you reset an API-only user’s password, Salesforce doesn't automatically reset the user’s security token or send a token reset email. If you want API-only users to receive a security token reset email when you reset their password, take these steps.
- Temporarily assign the user to a profile that doesn’t have the API-only user permission. For more information on user profiles and permissions, see User Permissions and Access.
- Ask the user to manually reset their security token.
- Reassign the user to a profile with the API-only user permission.
- Passwords can’t be reset using the Salesforce mobile app.
- For an internal user, the password reset process verifies their email address. For an external user, such as a customer or partner who accesses Experience Cloud sites, password reset doesn't verify their email address.
Find out more about user's resetting their own passwords from the article: Reset your forgotten password.