Change a user password
As either a user or an administrator on a Splunk platform instance that uses the native authentication scheme, you can change a password for a user. Users can change their own password, and administrators can change passwords for all users on the instance.
In Splunk Cloud, you can make these changes from Splunk Web. On Splunk Enterprise, you can perform this action using either Splunk Web or the command line interface (CLI).
Changing a user's password does not unlock an account if it is locked. To unlock a user account, see Unlock a user account.
It is not possible to change a user password when the Splunk platform instance uses an authentication scheme other than the native scheme. To change passwords on instances that use other authentication schemes, visit the configuration page for the identity provider to which the authentication scheme connects.
Change a user password in Splunk Web
Use the following procedure to reset credentials on a user account:
- In Splunk Web, click Settings > Access Controls > Users.
- In the Users page, select the user whose password you want to change.
- Type a new password for the user. Distribute this password to your user.
- Click Save.
Change a user password on Splunk Enterprise from the command line
A Splunk admin user with privilege to write to disk on the Splunk Enterprise instance can execute the following command.
On the instance, open a shell or command prompt and type the following CLI command:
splunk edit user <username> -auth admin:<admin_password> -password <password>
Unlock a user account
Manage out-of-sync passwords in a search head cluster
This documentation applies to the following versions of Splunk Cloud Platform™: 9.1.2312, 8.2.2202, 8.2.2112, 8.2.2201, 8.2.2203, 9.0.2205, 9.0.2208, 9.0.2209, 9.0.2303, 9.0.2305 (latest FedRAMP release), 9.1.2308