Users in the local domain, vsphere.local by default, can change their vCenter Single Sign-On passwords from a Web interface. Users in other domains change their passwords following the rules for that domain.
About this task
The vCenter Single Sign-On lockout policy determines when your password expires. By default, vCenter Single Sign-On user passwords expire after 90 days, but administrator passwords such as the password for firstname.lastname@example.org do not expire. vCenter Single Sign-On management interfaces show a warning when your password is about to expire.
You can change a password only if it is not expired.
If the password is expired, the administrator of the local domain, email@example.com by default, can reset the password by using the dir-cli password reset command. Only members of the Administrator group for the vCenter Single Sign-On domain can reset passwords.
- From a Web browser, connect to the vSphere Web Client or the Platform Services Controller.
vSphere Web Client
Platform Services Controller
In an embedded deployment, the Platform Services Controller host name or IP address is the same as the vCenter Server host name or IP address.
- Specify the user name and password for firstname.lastname@example.org or another member of the vCenter Single Sign-On Administrators group.
If you specified a different domain during installation, log in as administrator@mydomain.
- In the upper navigation pane, to the left of the Help menu, click your user name to pull down the menu.
As an alternative, you can select Edit User from the right-button menu.and select
- Select Change Password and type your current password.
- Type a new password and confirm it.
The password must conform to the password policy.
- Click OK.