SafetyCulture
Last updated:

Require password reset for new users

Learn how to prompt newly added users to reset their password at their first login in the web app to keep their accounts secure.

This feature is currently in Early Access. If you're interested, please contact our customer support team or your customer success manager to check if your organization is eligible.

Why require users to reset their passwords?

Requiring new users to reset their password at their next login helps improve account security by ensuring they create unique credentials. This reduces the risk of weak, shared, or predictable passwords across your organization and gives users ownership of their account security from the start.

Newly added users with set passwords will be prompted to create a new one the first time they log in, ensuring they have control over their account security.

What you'll need

This setting only applies to newly added users whose passwords are set by an admin.

Require password resets for new users

  1. Log in to the web app.

  2. Click your organization name on the lower-left corner of the page and select Users.

  3. Click Plus iconAdd users on the upper-right corner of the page.

  4. Enter the user's details, then click Next.

  5. If you have the "Platform management: Permissions" permission, you can select the permission set you want to assign to the user. If required, you can also add the user to groups and sites, and enter additional details with user fields.

  6. Click Add users.

  7. In the pop-up window, turn "Require password reset" on.

    • You can turn "Send password instructions via email" on to send an email about their account, including a custom message you can add. Require new users to reset their password the next time they log in to ensure tighter account security via the web app.

  8. Click Continue.

Frequently asked questions

No, you can only turn the setting to require password resets when manually adding users to your organization.

You can only prompt new users to reset their passwords. However, if you have "Platform management: Users" permission, you can send a password reset email for your users, or change their password if they're only part of a single organization.

Yes, once users access the password reset page, they must reset their passwords within 5 minutes. If they exceed the 5-minute window, they can simply log in again with their old password to access the password reset page.

Need more help?
Contact us
Ask the community

Thank you for letting us know.

If you would like a reply from someone, please contact us atsupport@safetyculture.com.

In this article