You can change the password or other details of a vCenter Single Sign-On user from a vCenter Single Sign-On management interface. You cannot rename users in the vsphere.local domain. That means you cannot rename administrator@vsphere.local.

You can create additional users with the same privileges as administrator@vsphere.local.

vCenter Single Sign-On users are stored in the vCenter Single Sign-On vsphere.local domain.

You can review the vCenter Single Sign-On password policies from the vSphere Web Client. Log in as administrator@vsphere.local and select Configuration > Policies > Password Policies.

See also Edit the vCenter Single Sign-On Password Policy.


  1. From a Web browser, connect to the vSphere Web Client or the Platform Services Controller.



    vSphere Web Client


    Platform Services Controller


    In an embedded deployment, the Platform Services Controller host name or IP address is the same as the vCenter Server host name or IP address.

  2. Specify the user name and password for administrator@vsphere.local or another member of the vCenter Single Sign-On Administrators group.

    If you specified a different domain during installation, log in as administrator@mydomain.

  3. Navigate to the vCenter Single Sign-On user configuration UI.



    vSphere Web Client

    1. From the Home menu, select Administration.

    2. Under Single Sign-On, click Users and Groups.

    Platform Services Controller

    Click Single Sign-On and click Users and Groups.

  4. Click the Users tab.
  5. Right-click the user and select Edit User.
  6. Edit the user attributes.

    You cannot change the user name of the user.

    The password must meet the password policy requirements for the system.

  7. Click OK.