3 Ways to Reset Passwords in Salesforce
Users lock themselves out of Salesforce at the worst possible moments. An expired password during a demo, a fat-fingered typo before a forecast run, whatever the cause, the help desk call ends up on your plate.
As an admin, you need a quick, secure way to get people back in without breaking audit trails or wasting time. Below we break down three straight-forward ways to reset passwords and keep the org moving.
Table of Contents
Use Salesforce’s UI
Resetting a password in Salesforce takes about a minute when you know where to look. Follow the clicks below to get the job done in the standard UI, no extra tools required.
Step 1: Open Setup
- Click the gear icon in the upper-right corner.
- Choose Setup. A new tab labeled Setup opens; stay there for the next steps.
Step 2: Find the User List
- In the left sidebar’s Quick Find box, type
Users. - Select Users. The table that appears lists every active and inactive user.
Step 3: Reset One Password
- Click the user’s name to open their record.
- Hit the Reset Password button near the top.
- In the confirmation pop-up, select OK. Salesforce emails a reset link to the address on file.
Step 4: Reset Several at Once
- Back on the main Users list, check the boxes next to each person who needs a new password.
- Click Reset Password(s) above the table.
- Approve the pop-up. Each selected user gets an individual email.
Step 5: Let People Know What Happens
- Salesforce sends a single-use link that expires after 24 hours.
- If the window closes, repeat Steps 3 or 4.
- Remind users to check spam or junk folders if the message doesn’t appear within two minutes.
That’s it, no extra tools needed, and the audit log updates automatically so you can confirm everything went through.
Use Torii
Logging in to Salesforce for every password change gets old fast. Instead, let Torii handle Salesforce password resets. This SaaS management platform pulls all your subscriptions and integrations into one place, making jobs like onboarding, offboarding, and license checks automatic and easy.
Once Torii is connected, resets fire as soon as the trigger you choose occurs. Typical triggers include a new hire’s start date, a departure, or a contract milestone. Automating the task frees up time whenever the reset is needed again.
To set up automated Salesforce password resets in Torii, take these quick steps:
1. Sign up for Torii
Submit the demo request and claim a complimentary two-week proof of concept.
2. Connect your Salesforce account to Torii
After your workspace goes live, connect Salesforce to Torii by following the integration guide.
3. Create a Torii workflow for Salesforce
Open the Workflows tab, pick your trigger, then add the action that resets Salesforce passwords. Torii will handle the rest each time the condition is met.
Use Salesforce’s API
Need to clear a locked-out user or push a temporary password? It’s faster, scriptable, and spares you from hunting through endless setup screens every time you unblock someone.
1. Grab the user’s Id
- Issue a SOQL query with REST.
GET /services/data/v60.0/query?q=SELECT+Id,Username+FROM+User+WHERE+Username='[email protected]'
Authorization: Bearer <access_token>
- Note the Id that comes back, something like
0058c000009aBCdAAE.
2. Decide: random reset or set a known password
Salesforce offers two REST endpoints and two SOAP operations, giving you flexibility to match whatever process your integration already follows. Choose whichever option feels simpler.
3. REST: generate a random password
This call returns a new password in the response JSON and automatically unlocks the user account.
POST /services/data/v60.0/sobjects/User/0058c000009aBCdAAE/password
Authorization: Bearer <access_token>
Content-Type: application/json
{}
Here’s a sample response:
{
"password": "m3Ga.9pQs"
}
Store the value or send it to the user yourself, because Salesforce won’t email it when you go through the API.
4. REST: set a specific password
If you’d rather set a specific password, include it in the request body and skip the random generator.
POST /services/data/v60.0/sobjects/User/0058c000009aBCdAAE/password
Authorization: Bearer <access_token>
Content-Type: application/json
{
"NewPassword": "Ch@ngeMe123"
}
A 204 status means success. If the password misses org rules such as length or complexity, you’ll receive a 400 error along with a descriptive message.
5. SOAP: reset or set from existing integrations
Plenty of existing integrations still depend on SOAP for user management. Within both the Partner and Enterprise WSDLs, you’ll find two handy operations for password management tasks.
resetPassword(userId)returns a randomly generated string.setPassword(userId, newPassword)applies the value you send.
Minimal example:
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
<env:Header>
<SessionHeader xmlns="urn:partner.soap.sforce.com">
<sessionId>00D.AQ0.</sessionId>
</SessionHeader>
</env:Header>
<env:Body>
<resetPassword xmlns="urn:partner.soap.sforce.com">
<userId>0058c000009aBCdAAE</userId>
</resetPassword>
</env:Body>
</env:Envelope>
The response includes <result>h4tR#pX9</result>.
6. Confirm the change
After making the call, test the change by logging in yourself or asking the user to do so. If anything fails, check:
- Password policy settings
- User status (Active must be true)
- Session scope of your OAuth token
And that’s it; no clicks, just clean API calls that slot neatly into your automation process.
Torii for SaaS Management
Ready to bring order to a sprawl of SaaS subscriptions and tools? Get in touch. Torii’s SaaS Management Platform helps you to:
- Reveal shadow IT: Continuous, AI-driven discovery spots unauthorized apps the instant they appear.
- Slash spend: Cut waste by retiring unused seats and consolidating overlapping tools.
- Automate onboarding & offboarding: Turn repetitive joiner, mover, and leaver tasks into error-free, hands-free workflows.
- Stay ahead of renewals: Timely alerts ensure every contract is reviewed and renegotiated on schedule.
Torii brings all your SaaS data into one place for Finance, IT, and Security teams.
Explore features, case studies, and pricing details at Torii whenever you’re ready.
Frequently Asked Questions
Use Setup in Salesforce, open Users list, click the person, press Reset Password, and confirm. For several users, tick their names and hit "Reset Password(s)" instead. Salesforce emails one-time links immediately and logs the action for compliance.
Yes. In the Users table, select each employee who needs help, click the "Reset Password(s)" button, then confirm the popup. Salesforce fires individual reset emails to every chosen account, eliminating repetitive single-user steps.
The message contains a single-use link active for 24 hours. Users click it, create a new password, and their account unlocks. If the email is missing, advise checking spam folders or asking you to resend the link.
After you connect Salesforce to Torii and build a workflow, Torii watches triggers like new hires, departures, or contract milestones, then calls Salesforce APIs to reset passwords automatically. Every run is recorded in Torii for auditing.
Use REST endpoint "/sobjects/User/{Id}/password" to generate a random password with an empty body or set one by posting {"NewPassword":"value"}. SOAP integrations can call resetPassword or setPassword methods in the Partner or Enterprise WSDL.
Failures occur when the new password breaks complexity rules, the user is inactive or still locked, or the OAuth token lacks Modify All Data scope. Check the 400 error message, verify Active status, and adjust token permissions.
