Change a user password
As either a user or an administrator on a Splunk platform instance that uses the native authentication scheme, you can change a password for a user. Users can change their own password, and administrators can change passwords for all users on the instance.
In Splunk Cloud Platform, you can make these changes from Splunk Web. On Splunk Enterprise, you can perform this action using either Splunk Web or the command line interface (CLI).
Changing a user password does not unlock an account if it is locked. To unlock a user account, see Unlock a user account.
It is not possible to change a user password when the Splunk platform instance uses an authentication scheme other than the native scheme. To change passwords on instances that use other authentication schemes, visit the configuration page for the identity provider to which the authentication scheme connects.
Change a user password in Splunk Web
Use the following procedure to reset credentials on a user account:
- In Splunk Web, select Settings > Access Controls > Users.
- In the Users page, select the user whose password you want to change.
- Type a new password for the user. Distribute this password to your user.
- Select Save.
Change a user password on Splunk Enterprise from the command line
A Splunk admin user with privilege to write to disk on the Splunk Enterprise instance can execute the following command.
On the instance, open a shell or command prompt and type the following CLI command:
splunk edit user <username> -auth admin:<admin_password> -password <password>
Unlock a user account | Manage out-of-sync passwords in a search head cluster |
This documentation applies to the following versions of Splunk Cloud Platform™: 9.2.2406 (latest FedRAMP release), 8.2.2201, 8.2.2203, 8.2.2112, 8.2.2202, 9.0.2205, 9.0.2208, 9.0.2209, 9.0.2303, 9.0.2305, 9.1.2308, 9.1.2312, 9.2.2403
Feedback submitted, thanks!