Reset a user's password

If a user forgets the password for their managed Google account (for example, their Google Workspace or Cloud Identity account) or if you think their account has been compromised, you can reset their password from the Google Admin console.

Resetting a password changes it for the user's online accounts. If the user has Google Drive for desktop, the password doesn't change there. After resetting a user's password, you must reset the user's sign-in cookies.

Change a password

Expand all  |  Collapse all

If you want to reset multiple users’ passwords in bulk, go to Add or update multiple users from a CSV file.

If your account uses single sign-on (SSO) with a third-party identity provider, instead go to Set up single sign-on for managed Google Accounts using third-party identity providers.

Reset a user's password

As an administrator, you can reset users' passwords to maintain account security. To do so, you must be signed in with an administrator account that has reset password privileges.

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. In the Admin console, go to Menu and then Directoryand thenUsers.
  3. In the Users list, find the user. If you need help, read Find a user account.
  4. Point to the userand thenclick Reset password at the right.

    You can also find this option on the left of the user's account page.

  5. In the Reset password box, select an option:
    • Automatically generate a password.
    • To enter your own password, select Create password. To view the password you created, click Preview .
      By default, password minimum length is 8 characters. You can change password requirements for your organization.
  6. (Optional) To have the user change the password the next time they sign in, select Create Password and check the Ask for a password change at the next sign-in box.
  7. Click Reset.
  8. (Optional) To paste the password somewhere, such as in a Google Chat conversation with the user, click Copy Password.
  9. Choose one:
    • To finish, click Done
      Note: You need to send the user their new password.
    • To email the password to the user, click Email Passwordand thenSend.
      Notes:
      • If you checked the Ask for a password change at the next sign-in box in Step 6 AND you clicked Email Password in Step 9, the user is automatically sent a link to reset the password.
      • If you DID NOT check the Ask for a password change at the next sign-in box in Step 6 AND you clicked Email Password in Step 9, the user needs to contact you for the password.
  10. Reset the users sign-in cookies. For the steps, go to Reset a user's sign-in cookies (below on this page).
Reset another administrator's password

To reset the password of another administrator, you must have Super Admin privileges. If you have Super Admin privileges, follow the steps to reset a user's password (above on this page).

Reset your own administrator password

If you can't sign in to the Admin console and need to reset your own administrator password, go to Reset your administrator password.

Reset a user's sign-in cookies

Resetting a user’s sign-in cookies prevents them from signing in with an old password.

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. In the Admin console, go to Menu and then Directoryand thenUsers.
  3. In the Users list, find the user. If you need help, go to Find a user account.
  4. Click the user's name to open the user's account page.
  5. Click Securityand thenSign in cookiesand thenReset.
  6. (Optional) To return to the user’s account page, at the top, click the Up arrow .

After changing a password

After you reset a password and sign-in cookies, the user is signed out of all active sessions. To reopen their apps, the user needs to complete the following actions:

  • Google web apps (such as Gmail or Google Drive)—The user has to sign in again with their new password.
  • Google apps on Android—The user is notified they need to verify their identity by signing in to their account. Already synced data—for example, email already received in Gmail—is still accessible, but no new emails can be sent or received until the user signs in again with their new password. 
  • Google apps on Apple iOS—The user's Google account is removed from the account list. The user has to add their account again, then sign in with their new password.
  • Third-party apps connected via OAuth—Third-party mail apps like Apple Mail and Mozilla Thunderbird―as well as other applications that use mail scopes to access a user’s mail―will stop syncing data after a password reset, until a new OAuth 2.0 token is granted. A new token is granted when the user signs in with their Google account username and new password. For details, go to Automatic OAuth 2.0 token revocation upon password change.
  • Third-party apps that require application-specific passwords (ASPs)—When 2-Step Verification is in use, application-specific passwords (ASPs) may be required to use legacy applications that don't support OAuth. After a password reset, all ASPs are revoked and need to be regenerated. For details, go to Sign in with App Passwords


Google, Google Workspace, and related marks and logos are trademarks of Google LLC. All other company and product names are trademarks of the companies with which they are associated.

 

Was this helpful?

How can we improve it?
Search
Clear search
Close search
Google apps
Main menu
14813635194820527177