Set-EntraUserPassword
Sets the password of a user.
Syntax
Set-EntraUserPassword
[-ForceChangePasswordNextLogin <Boolean>]
[-EnforceChangePasswordPolicy <Boolean>]
-UserId <String>
-Password <SecureString>
[<CommonParameters>] Description
The Set-EntraUserPassword cmdlet sets the password for a user in Microsoft Entra ID.
Any user can update their password without belonging to any administrator role.
Examples
Example 1: Set a user's password
Connect-Entra -Scopes 'Directory.AccessAsUser.All'
$newPassword = '<strong-password>'
$securePassword = ConvertTo-SecureString $newPassword -AsPlainText -Force
Set-EntraUserPassword -UserId 'SawyerM@contoso.com' -Password $securePasswordThis command sets the specified user's password.
-UserIdparameter specifies the ID of a user in Microsoft Entra ID.-Passwordparameter specifies the password to set.
Example 2: Set a user's password with EnforceChangePasswordPolicy parameter
Connect-Entra -Scopes 'Directory.AccessAsUser.All'
$newPassword= '<strong-password>'
$securePassword = ConvertTo-SecureString $newPassword -AsPlainText -Force
Set-EntraUserPassword -UserId 'SawyerM@contoso.com' -Password $securePassword -EnforceChangePasswordPolicy $TrueThis command sets the specified user's password with EnforceChangePasswordPolicy parameter.
-UserIdparameter specifies the ID of a user in Microsoft Entra ID.-Passwordparameter specifies the password to set.-EnforceChangePasswordPolicyparameter force the user to change their password, if set to true.
Example 3: Set a user's password with ForceChangePasswordNextLogin parameter
connect-Entra -Scopes 'Directory.AccessAsUser.All'
$newPassword= '<strong-password>'
$securePassword = ConvertTo-SecureString $newPassword -AsPlainText -Force
Set-EntraUserPassword -UserId 'SawyerM@contoso.com' -Password $securePassword -ForceChangePasswordNextLogin $TrueThis command sets the specified user's password with ForceChangePasswordNextLogin parameter.
-ObjectIdparameter specifies the ID of a user in Microsoft Entra ID.-Passwordparameter specifies the password to set.-ForceChangePasswordNextLoginparameter forces a user to change their password during their next log in.
Parameters
-EnforceChangePasswordPolicy
If set to true, force the user to change their password.
| Type: | System.Boolean |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-ForceChangePasswordNextLogin
Forces a user to change their password during their next sign in.
| Type: | System.Boolean |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Password
Specifies the password.
| Type: | System.SecureString |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-UserId
Specifies the ID of a user.
| Type: | System.String |
| Aliases: | ObjectId |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |