Resetting or changing account passwords for other users

If you are a manager, or someone that is entitled with a role that includes this activity, you can change the account passwords for users in the Service Center.

Before you begin

You must be entitled with a role (for example, User Manager or Application Manager) that has the permission to change or reset the account passwords of other users.

About this task

Depending on how a system administrator configured the system, you can change or reset the passwords of other users in the Request Center application of the Service Center.

When you change passwords for others, you can select multiple accounts for a user and change the password for all the selected accounts. The password must comply with all the policies that are set for the associated account configurations. If the selected accounts belong to different account configurations that have different password policies, then the Password Requirements box shows the combined password policy. For example:

Account A is associated with the Sales account configuration, which requires a minimum of 8 characters for the password.
Account B is associated with the Employee account configuration, which requires a minimum of 10 characters for the password.
If you select both accounts, then the new password must comply with the combined password requirements for both account configurations. In this example, the new password must have a minimum of 10 characters. The 10-character minimum complies with the requirements for both password policies for their respective account configurations.

To change the Service Center password of a selected user, the administrator must select the Ideas account. However, from Version 5.2.6.2, if the product is configured with Open ID Connect authentication and uses an external registry, the user needs to enter the external registry password to access the Service Center, the IBM Security Verify Request mobile app, and any ReST APIs that require password authentication.

When you change your own password, your new password is automatically synchronized for all of your own accounts that belong to the same password sync group. However, when you change the password for other users, the password is changed only for the accounts that you select, even if the accounts belong to a password sync group. This way, the new password is not inadvertently changed for accounts that the user might not want to be included in the request.

Procedure

Log in to the Service Center.
On the Service Center Dashboard, click , and then select Request Center.
The Request Center for Self page is displayed.
On the Request Center for Self page, click Manage Others.
The Request Center for Others page is displayed.
Select the tab that is associated with the password reset task, such as ManagerPasswordResetGEN or ChangePasswordGEN.
The first page of a wizard displays the list of users whose password you are entitled to reset. The wizard leads you through the completion of your task.
On the Users tab, select a user in the list, and click Next.
Click to show options for filtering the list of users. You can filter the users by user type, beneficiary, or whether the user is enabled to receive assignments of entitlements. To display the users that meet the filter criteria, click Search. To toggle the filter off, click .

Depending on the process that is defined for your role, the next tab displays either the security questions that verify the user's identity or the accounts that are affected by the password change.
If the Security Questions tab is displayed, enter the answers to the security questions with the help of the user. The answers must match the answers that were entered by the user on the first login.
The Identified by other means check box might be available. You can skip the security questions and select this check box as an alternative. Click Next to proceed to the Accounts tab.
In the Accounts tab, select the accounts that you want to change the password for, and then click Next.
The Accounts tab lists all the accounts that the user is entitled to access. The Ideas account is associated with the Service Center.

In the Account Password Management tab, enter the password or generate the password.

The items that are available in this tab depend on the setup that was done by the administrator. Complete the following items when they are available:

Option	Description
Applicant	Enter your own password.
Beneficiary	Either type the new password, or click Generate so that the password is created automatically. If the Generate button is not available, type the new password in the New password and the Confirm password fields. A Show password characters check box might be displayed. Select it to see the characters you type. As you type, a list of password requirements is displayed, which shows whether the new password complies with the password requirements.
New password will be sent to this email address	This field displays the email address of the user. Based on the configuration, you might be able to edit it.
New password will not be sent	You must communicate the new password to the user by other means.
List of Affected Accounts	This field displays the accounts that are included in the password change request.

Click Submit to complete the request.
When you see the Request Submitted window, click OK.
The list of users is displayed in the Users tab.

Results

The password is changed, and the request is marked as completed. Depending on the configuration of the process, the request might be listed with other requests in a report or in another tab available to an operator or similar role.

What to do next

You can change the password for other users, or you can check the status of the request. To check the status of the request, click Application menu icon

, and then select Request Center. Then, select a report tab, such as Request Report. Here, you can view information about your request, including the type of request, the names of the applicant and of the beneficiary, and other information.