If a user forgets the password for their managed Google account (for example, their Google Workspace or Cloud Identity account), or if you think their account has been compromised, you can reset their password from the Google Admin console.
These steps don't apply if your account uses single sign-on (SSO) with a third-party identity provider. Learn more
Change a password
Note: If you want to reset multiple users’ passwords in bulk, go to Add or update multiple users from a CSV file.Reset a user's password
As an administrator, you can reset users' passwords to maintain account security. To do so, you must be signed in with an administrator account that has reset password privileges.
- From the Admin console Home page, go to Users.
- In the Users list, find the user. If you need help, read Find a user account.
- Point to the userclick Reset password at the right.
You can also find this option on the left of the user's account page.
- Choose one:
- Automatically generate a password.
- Enter a password yourself. To view the password you create, click Preview .
Note: By default, password minimum length is 8 characters. You can change password requirements for your organization.
- (Optional) Choose to have the user change the password the next time they sign in.
- Click Reset.
- (Optional) To paste the password somewhere, such as in a Google Chat conversation with the user, click to Copy Password.
- To finish the password reset, choose one:
- To email the password to the user, click Email PasswordSend.
- Click Done.
If you can't sign in to the Admin console and need to reset your own administrator password, go to Reset your administrator password.
After changing a password
After you reset a password, the user is signed out of all active sessions. To reopen their apps, the user needs to do the following:
- Google web apps (such as Gmail or Google Drive)—The user has to sign in again with their new password.
- Google apps on Android—The user is notified they need to verify their identity by signing in to their account. Already synced data—for example, email already received in Gmail—is still accessible, but no new emails can be sent or received until the user signs in again with their new password.
- Google apps on Apple iOS—The user's Google account is removed from the account list. The user has to add their account again, then sign in with their new password.
- Third-party apps connected via OAuth—Third-party mail apps like Apple Mail and Mozilla Thunderbird―as well as other applications that use mail scopes to access a user’s mail―will stop syncing data after a password reset, until a new OAuth 2.0 token is granted. A new token is granted when the user signs in with their Google account username and new password. For details, go to Automatic OAuth 2.0 token revocation upon password change.
- Third-party apps that require application-specific passwords (ASPs)—When 2-Step Verification is in use, application-specific passwords (ASPs) may be required to use legacy applications that don't support OAuth. After a password reset, all ASPs are revoked and need to be regenerated. For details, go to Sign in with App Passwords.
Google, Google Workspace, and related marks and logos are trademarks of Google LLC. All other company and product names are trademarks of the companies with which they are associated.