Admin User Password and Details - hmislk/hmis GitHub Wiki

Language: English ¡ āˇƒāˇ’āļ‚⎄āļŊ

Resetting Passwords and Changing User Details

Overview

Administrators can reset any user's password and force users to change their password on next login. Users can also change their own password through their personal settings. This page covers both the admin-initiated and self-service password workflows.

When to Use

  • A user has forgotten their password
  • A user account is being handed over to a different person
  • Security policy requires periodic password resets
  • A user account was compromised and the password must be changed immediately

Admin: Resetting a User's Password

Required privilege: AdminManagingUsers

  1. Click Administration → Manage Users
  2. Click the user row to select it
  3. Click Manage Password in the right action panel
  4. The Change Password form opens showing the user's name and username
  5. Enter the new password in the New Password field
  6. Re-enter it in the Re-enter New Password field — the form will validate that both match
  7. Click Change Password to save

Note: Passwords are masked. Click the eye icon in the password field to reveal what you are typing.

Admin: Forcing Password Reset on Next Login

If the application configuration option Allow admin to force password change is enabled, two additional buttons appear:

  • Force Password Reset on Next Login — marks the account so the user must set a new password the next time they log in. The button is visible when the user has not yet been flagged for reset.
  • Reverse Request to Reset Password on Next Login — cancels a pending forced reset. Visible when the user has already been flagged.

To force a reset:

  1. Open Manage Password for the user (steps above)
  2. Click Force Password Reset on Next Login
  3. The user's next login will redirect them to the password change screen before they can access any other page

Note: If these buttons are greyed out, the application configuration option has not been enabled. Ask your system administrator to enable Allow admin to force password change under Application-Level Configuration.

User: Changing Your Own Password

Users with the ChangeMyPassword privilege can change their own password:

  1. Click your username or preferences area in the top bar
  2. Navigate to Manage Preferences or the personal settings section
  3. Use the password change form to enter your current password and a new one

Password Rules

  • Maximum length: 15 characters
  • Both entries must match exactly
  • The system provides a strength indicator as you type

Troubleshooting

Passwords do not match error

Symptoms: Form shows a validation error after clicking Change Password
Cause: The two password fields do not contain identical text
Solution: Clear both fields and type the new password carefully in each

Force Password Reset buttons are greyed out

Symptoms: The force reset buttons are visible but cannot be clicked
Cause: The application configuration option is disabled
Solution: Enable Allow admin to force password change in Application-Level Configuration

Related Features