If you are using a Virtual Private Server (VPS) running Windows Server 2022 and encounter a password expiry prompt, here’s a step-by-step guide to changing the password:
1
Log in as Administrator: Ensure you are logged in as a user with administrative privileges to make changes to user accounts.
2
Password Expiry Notification: When a user’s password is about to expire or has already expired, they will receive a notification when they log in to the system. This notification will inform them that their password is expired or about to expire and prompt them to change it.
3
Changing Password via CTRL+ALT+END:
- If the password has already expired, the user will be forced to change their password immediately. They will see a message prompting them to press CTRL+ALT+END to change their password.
- The user should press CTRL+ALT+END and then click on Change a password. They will need to enter their old password and then enter a new password (according to any complexity requirements set by your organization).
- After entering the new password and confirming it, the user’s password will be changed, and the password expiry message will no longer appear.
4
Changing Password via PowerShell (Administrator):
- As an administrator, you can change a user’s password using PowerShell. Open a PowerShell window with administrative privileges.
- Use the following PowerShell command to change the password for a specific user (replace username with the actual username): Set-ADAccountPassword -Identity "username" -NewPassword (ConvertTo-SecureString -AsPlainText "NewPassword123!" -Force) -Reset
- After executing the command, the user’s password will be changed, and they can log in using the new password.
5
Disable Password Expiry (Not Recommended):
- As a temporary measure, you can disable password expiry for a user account. However, this is not recommended for security reasons. Password expiry policies are essential for maintaining strong security practices.
- If you choose to disable password expiry for a user, you can do so through the Active Directory Users and Computers management console. Locate the user, right-click, and go to Properties. In the "Account" tab, uncheck Password never expires. Keep in mind that this is a temporary solution, and it’s best to have regular password changes for security purposes.
Always ensure that users choose strong and unique passwords (12+ characters in length, non-dictionary, varying capitalization, mix of numbers, letters, symbols). Regular password changes are a recommended part of maintaining a secure Windows Server environment.
