# Change default login credentials

## Secure your Endpoint Central Account

If you are reading this, chances are that you are using the default login credentials, which is why we have locked your account. Please follow the steps below to reactivate the account and reset your password. [Why is this necessary?](https://www.manageengine.com/products/desktop-central/unathenticated-access.html#why)

### Steps for Administrator to reset his/her password using a Tool

You can reset the default admin password of Endpoint Central by following the steps mentioned below:

1. Go to **Services.msc** and **stop ManageEngine Endpoint Central**
2. Open **command prompt in elevated mode** and navigate to **<Install_Dir>\DesktopCentral_Server\bin** directory
3. Execute **resetPassword.bat**
4. You will find the options as listed below:  
   [![Password reset](https://www.manageengine.com/products/desktop-central/images/password-reset.png)](https://www.manageengine.com/products/desktop-central/images/password-reset.png)
5. Choose the operations:
   1. View all existing users
   2. Change password
   3. Exit
6. Choose "2" to reset password
7. Enter the username.
8. A password with random characters will be generated and displayed.
9. **Start** the ManageEngine Endpoint Central Server service from **Services.msc**.
10. Choose **Local Authentication** and login using the user name and the generated password.

**Note:** It is highly recommended to reconfigure Secure Gateway Server after you reset the default credentials. [Steps to reconfigure Secure Gateway Server here](https://www.manageengine.com/products/desktop-central/reconfigure-secure-gateway-server.html).

### Steps to disable the banner post password reset:

- Download the attached [closeLoginBanner.zip](https://www.manageengine.com/products/desktop-central/scripts/closeLoginBanner.zip) file.
- Extract it in `<server directory>/bin` folder.
- Run the closeLoginBanner.bat file as administrator.

## Why do we strongly recommend changing the password?

Securing user accounts is not only important but our foremost priority. Using a default admin account with the same password is quite vulnerable. Typically, malicious actors may attempt to breach a default administrative account named "admin" because it is quite common in businesses. The possibility of an account compromise may still exist despite the enhanced security measures if default passwords are in use. Following that, we have locked all the accounts that have admin as their default username and password.

**Note:** Please refer to our Security tips and recommendations document for enhanced security. If you need assistance, our support team is always ready to help. Please reach out to us at *endpointcentral-support@manageengine.com*.