Manage Windows Passwords

Users on Windows devices can manage updates to their JumpCloud passwords in various ways.

Prerequisites

Considerations

  • If you have MFA enabled in your organization, your users will need to verify their identity using MFA before they can change their password. They can use Push MFA though the JumpCloud Protect app, TOTP MFA through either JumpCloud Protect or another authenticator, or use Duo. However, Duo is only available if it’s the only form of MFA available. 
  • Passwords changed locally using Ctrl+Alt+Del will update the Windows Credential Manager and the Data Protection API.
  • User accounts managed by Active Directory using AD integration won't be able to use the Windows App to reset their password.
  • A known issue exists for Windows 8, 8.1, and Server 2012: if a user is on a slow internet connection, they can click Cancel before they see the password change confirmation screen. In this case, the password change operation isn't stopped, but the user isn't notified of success or failure. This is a limitation of the previously mentioned Windows versions and can't be controlled by JumpCloud.

Password Update Methods

  1. Open the JumpCloud Windows App running in the system tray and click Reset password.
  2. Press Ctrl+Alt+Del and click Change Password.
  3. Open the JumpCloud User Portal login page and select Reset User Password. 
  4. Open the JumpCloud User Portal and navigate to the Security Settings.
  5. Update password using a link included in a password expiration email reminder.
    • If you enable the Password expires after N days option, users receive one email a day for 7 days leading up to their password's expiration that asks them to reset their password.

Changing your Password in the JumpCloud Windows Tray App

The JumpCloud Windows App is the preferred method for user password changes on Windows devices. Below is an overview of the user process. For specific user instructions, see Users: Change Your Password in the Windows App. Note that when you change your password, any active sessions (User Portal, SSO applications, etc.) will be terminated.

The user flow:

  1. In the system tray, open the JumpCloud Windows App.
  2. To change the password, type in your previous password, followed by the new password twice for confirmation.
  3. If MFA is enabled for your JumpCloud account, you need to authenticate your account. Depending on the types of MFA enabled by your organization, you'll see one of two options:

Note:

A cancel button displays on the logon screen while you are verifying your identity using Push MFA. Clicking this button has no effect on the push notification. 

  • TOTP: Enter a six-digit code from an authenticator app such as JumpCloud Protect or Google Authenticator.

Note:

The Duo app is also supported, but is only used when no other form of MFA has been enabled. If you are using duo as your only form of MFA verification, you will receive a notification on your device to verify your identity. See Use Duo Security with JumpCloud MFA

  1. The new password is instantly synchronized with any other password stores.
  2. The Windows device agent then contacts JumpCloud's credential management services through a secure Transport Layer Security (TLS) connection.
  3. The device agent synchronizes changes from the device to JumpCloud and all the resources JumpCloud manages. If you're using AD Sync, the password changes sync to Active Directory® as well.

Note:
  • User accounts managed by Active Directory using AD integration won't be able to use the Windows App to reset their password.
  • Leverage a toolkit of emails and help articles to communicate with your end users about the Windows Password Sync feature, how to use it, and other resources you may need to provide a user-friendly experience when going live with the Windows App.

Changing your password using Ctrl+Alt+Del

To change your password using Ctrl+Alt+Del:

  1. Press Ctrl+Alt+Del, then select Change Password.
  2. Enter your Old Password.
  3. Enter your New Password.
  4. Enter your new password again in Confirm Password.
  5. If MFA is enabled for your JumpCloud account, you need to authenticate your account. Depending on the types of MFA enabled by your organization, you'll see one of two options:
  • Push: Use the JumpCloud Protect app to verify your identity with a push notification.

Note:

A cancel button displays on the logon screen while you are verifying your identity using Push MFA. Clicking this button has no effect on the push notification. 

  • TOTP: Enter a six digit code from an authenticator app such as JumpCloud Protect or Google Authenticator.

Note:

The Duo app is also supported, but is only used when no other form of MFA has been enabled. If you are using duo as your only form of MFA verification, you will receive a notification on your device to verify your identity.  

  1. Click OK.
Back to Top

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case