Users in the local domain, vsphere.local by default, can change their vCenter Single Sign-On passwords from a Web interface. Users in other domains change their passwords following the rules for that domain.
About this task
The password policy that is defined in the vCenter Single Sign-On configuration interface determines when your password expires. By default, vCenter Single Sign-On passwords expire after 90 days, but your system administrator might change this default depending on the policy of your organization. The vSphere Web Client reminds you when your password is about to expire. You can reset an expired password if you know the old password.
You can change a password only if it is not expired.
If the password is expired, the administrator of the local domain, email@example.com by default, can reset the password by using the dir-cli password reset command. Only members of the Administrator group for the vCenter Single Sign-On domain can reset passwords.
- From a Web browser, connect to the vSphere Web Client or the Platform Services Controller.
vSphere Web Client
Platform Services Controller
In an embedded deployment, the Platform Services Controller host name or IP address is the same as the vCenter Server host name or IP address.
- Specify the user name and password for firstname.lastname@example.org or another member of the vCenter Single Sign-On Administrators group.
If you specified a different domain during installation, log in as administrator@mydomain.
- In the upper navigation pane, to the left of the Help menu, click your user name to pull down the menu.
As an alternative, you can select Edit User from the right-button menu.and select
- Select Change Password and type your current password.
- Type a new password and confirm it.
The password must conform to the password policy.
- Click OK.