All Products
Search

This Product

    Resource Access Management:Change the logon password of a RAM user

    Document Center

    Resource Access Management:Change the logon password of a RAM user

    Last Updated:Feb 27, 2026

    This topic describes how to change the console password for a Resource Access Management (RAM) user. A RAM administrator can reset the password for any RAM user, and a RAM user can change their own password. Common reasons for changing a password include regular password rotation or if a password is forgotten, expired, or compromised.

    Considerations

    When you change a RAM user's password, be aware of the following impacts. We recommend performing this action during off-peak hours to minimize disruption.

    • Forced console logoff: The RAM user is immediately logged off of all active Alibaba Cloud console sessions.

    • Termination of assumed role sessions: Any active console sessions for RAM roles that the user has assumed are also terminated.

    • No impact on AccessKey pairs: This action does not affect the RAM user's AccessKey pairs.

    Reset a RAM user's password (administrator)

    As the owner of your Alibaba Cloud account, or as a RAM user with administrative permissions (such as the AliyunRAMFullAccess policy), you can reset the password for any RAM user in your account.

    Console

    1. Log on to the RAM console.

    2. In the left-side navigation pane, choose Identities > Users.

    3. On the Users page, click the username of the target RAM user.

    4. On the Authentication tab, in the Console Logon Management section, you can manage the user's logon credentials. For security reasons, RAM does not allow you to view an existing password. You can only reset it. The button that appears depends on the user's status:

      • If console logon is not enabled for the RAM user, click Enable Console Logon to set an initial password. For more information, see Enable console logon for a RAM user.

      • If console logon is already enabled, click Modify Logon Settings to reset the password.

      image

    5. In the Modify Logon Settings panel, set a new password in the Set Logon Password section.

      • Keep Current Password Unchanged: No change is made to the password.

      • Automatically Regenerate Default Password: The system generates a new password.

        Important

        The autogenerated password is shown only once. You must copy it immediately and provide it to the RAM user through a secure channel.

      • Reset Custom Password: Enter a new password. The password must meet the requirements of your account's password policy. For more information about how to view or change the password policy, see Configure a password policy for a RAM user.

    6. (Optional) In the Password Reset section, select Required at Next Logon. This option is useful when you provide an initial password to a RAM user.

    7. Click OK.

    API

    1. Call the GetPasswordPolicy operation to query the password policy for RAM users. You can also view the policy in the console. For more information, see Configure a password policy for a RAM user.

    2. Depending on the RAM user's status:

    Change your own password as a RAM user

    As a RAM user, you can change your own password if your administrator has granted you permission and you know your current password.

    Prerequisites

    The Allow users to manage password setting must be enabled for your account. This setting is enabled by default. If you are unable to change your password, contact your administrator. For more information, see Manage the security settings of RAM users.

    Console

    1. Log on to the RAM console as a RAM administrator.

    2. In the left-side navigation pane, click Settings. In the Security section, click Modify to enable the Allow users to manage password setting.

    API

    Call the SetSecurityPreference operation and set the AllowUserToChangePassword parameter to true.

    Procedure

    Console

    1. Log on to the Alibaba Cloud Management console as a RAM user.

    2. Hover over the profile picture in the upper-right corner and click Security Information.

      image

    3. In the Logon Information section, click Change Password to the right of Password Management.

      image

    4. Enter your current password and your new password, and click OK.

    API

    Call the ChangePassword operation.