Pricing  Get Quote

Change Password

Active Directory password change

Changing passwords periodically is a healthy habit, since it helps thwart cyberattacks due to stolen credentials. Security experts suggest that admins should ensure users change their passwords with effective password expiration policies.

Users can be notified by the administrator via email to change their passwords when its is about to expire. But in many organizations, users can only change their domain password when they're connected to the company network. So what happens if users are not connected to the LAN (VPN and OWA users) when their passwords are about to expire?

Self-service password change

ADSelfService Plus is a web based, self-service password change solution that provides a secure portal to allow domain users to change their own passwords. Users can click on the Change Password tab on the web portal and change their Windows AD login passwords. Users change their passwords according to the password policy decided by the administrator, which will be displayed while setting the password.

Remote password change

With ADSelfService Plus, users can change their domain passwords remotely. Usually, when a user's domain password is changed, the change is reflected in AD but not on the user's local machine. That means that the cached credentials on the user's machine need to be updated for the change to take effect, otherwise they won't be able to log in to the system.

To avoid this, ADSelfService Plus gives you a login agent, which places a Reset Password/Account Unlock button right on the login screen. Users can click this button to reset their forgotten passwords right from their login screen. After a successful password reset, the cached password is updated on the users' machines.

How to change your AD domain password using ADSelfService Plus:

  • Log in to the ADSelfService Plus user portal, and go to the Change Password tab.
  • Enter your existing Active Directory or domain password in the Old Password field.
  • Provide a New Password, and re-enter it in the Confirm New Password field. Make sure your new password meets the complexity requirements.
  • Click Change Password.


Why you should use ADSelfService Plus for AD password changes


Custom password policies

Using the Password Policy Enforcer, users will only be able to create strong passwords that are immune to cyberattacks including brute-force attacks and dictionary attacks.


24x7 availability

Users can change their passwords from their browser or their mobile phone, anywhere at anytime.


Multi-factor authentication:

The password change process is contained within a portal that is secured with advanced authenticators such as YubiKey and biometrics.

Think the AD native password policy is strong enough? Think again.

Download free trial version now

Users may need a password change when:

  • A domain user wants to change their soon-to-expire passwords.
  • The administrator notifies the domain user to change their password.
  • An administrator resets a domain user's password to the default value.

Changing a password vs. resetting a password

Resetting a password is the process in which the password is updated when the current password is forgotten. ADSelfService Plus allows domain users to perform self-service password reset from its self-service portal by verifying users' identities with multiple authentication techniques set up during enrollment.

Password change does not require a validation process. It only requires the user to log in to the ADSelfService Plus end-user portal. When a user changes their password, they supply the old password along with the new password. If the old password is correct and the new password follows the password policy, the password will be successfully changed.

Complying with data privacy regulations through password policies

To ensure organizational data protection, ensuring password security is vital. ADSelfService Plus aids in compliance with the password and authentication requirements of IT regulations like HIPAA, GDPR, NIST, CJIS, and PCI DSS through its features like:

  • Password policy enforcer: Configure advanced password requirements besides the default domain and fine-grained password policy available in Active Directory during password change. Advanced password policies provided include:
    1. Banning dictionary words and keyboard sequences..
    2. Disallow use of consecutive characters from username and old passwords.
    3. Restrict use of palindromes.

    Password requirements that can be enabled include restriction of consecutive characters, prevention of character strings from old password and username, and mandating use of specific type of first character.

  • Integration with Have I Been Pwned?: Check every password created during change or reset via ADSelfService Plus against the Have I Been Pwned? database of previously breached passwords. If the new password is present in the database, the user is prevented from using it.
  • Multi-factor authentication: Configure additional methods of authentication to verify user identity, in addition to the username and password, during product logins for password change. Admins can choose from the eighteen authentication methods supported including Yubico Authenticator, Google Authenticator, TOTP, biometrics, etc.

Help VPN and OWA users change passwords remotely with ADSelfService Plus

  • Please enter a business email id
    By clicking 'Get Your Free Trial', you agree to processing of personal data according to the Privacy Policy.


Your download is in progress and it will be completed in just a few seconds!
If you face any issues, download manually here

Some other benefits of ADSelfService Plus - Self Service Reset Password Management


Password self-service

Free Active Directory users from attending lengthy help desk calls by allowing them to self-service their password resets/ account unlock tasks. Hassle-free password change for Active Directory users with ADSelfService Plus ‘Change Password’ console. 

One identity with Single sign-on

Get seamless one-click access to 100+ cloud applications. With enterprise single sign-on, users can access all their cloud applications with their Active Directory credentials. Thanks to ADSelfService Plus! 

Password/Account Expiry Notification

Intimate Active Directory users of their impending password/account expiry by mailing them these password/account expiry notifications.

Password Synchronizer

Synchronize Windows Active Directory user password/account changes across multiple systems, automatically, including Office 365, G Suite, IBM iSeries and more. 

Password Policy Enforcer

Ensure strong user passwords that resist various hacking threats with ADSelfService Plus by enforcing Active Directory users to adhere to compliant passwords via displaying password complexity requirements.

Directory Self-UpdateCorporate Search

Portal that lets Active Directory users update their latest information and a quick search facility to scout for information about peers by using search keys, like contact number, of the personality being searched.

ADSelfService Plus trusted by

A single pane of glass for complete self service password management