> For the complete documentation index, see [llms.txt](https://enterprise.hideez.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://enterprise.hideez.com/hideez-server-integration/microsoft-entra-id/import/user-initiated-password-changes.md).

# User-Initiated Password Changes

### Function Overview

This function allows the user to change the password of their domain account via the Hideez Client. 

After the password is changed, the user can sign in without manually entering the password — it is automatically read from the Hideez Key.

**The password change complies with domain security policies, including:**

* password complexity requirements;
* limits on password change frequency;
* defined intervals between changes.

{% hint style="info" %}
To use this feature, the administrator must first create the user’s account on the Hideez Server. Then, the user enters their current password to verify their identity.
{% endhint %}

### Prerequisites

Before starting, ensure that:

* [Integration between the Hideez Server and Entra ID is properly configured.](https://enterprise.hideez.com/hideez-server-integration/microsoft-entra-id)
* The user is created [manually](/hideez-enterprise-server/employees/how-to-add-an-employee.md) on the Hideez Server or [imported from Entra ID](https://enterprise.hideez.com/hideez-server-integration/microsoft-entra-id/import#scenario-2-importing-users-with-automatic-password-change).
* [The user must have a Hideez Key with status “Ready”, “Active” or “Reserved**”.**](/hideez-enterprise-server/keys-management/keys-statuses.md)
* [The Hideez Client is installed on a workstation ](/hideez-client-app/windows-deployment/set-up-hideez-client-app.md)
* [The workstation is joined to the Entra ID.](https://learn.microsoft.com/en-us/entra/identity/devices/device-join-out-of-box)
* [The workstation is approved on the Hideez Server.](/hideez-enterprise-server/workstations/how-to-add-and-approve-workstations.md)

### Step 1. Creating a Domain Account

1. Sign in to the Hideez Server using an administrator account.

2. Navigate to the user list, select the appropriate user, and open their profile.

3. Click **Create personal account**.

4. In the account creation form, fill in the required fields:
   * **Name**\* – a descriptive name for the account;
   * **Login Type** – select **Azure AD Account**;
   * **Login**\*:- the email of the Entra ID user;

5. Select the checkbox **Skip Password** — the user will add the password later via the Hideez Client.

6. Click **Create** to save the account.

**Example domain account:**

* **Name**\* – John Smith Entra ID Account
* **Login Type** – **Azure AD Account**;
* **Login**\*:

  * **User Logon Name** – <js@hideez.com>

  <figure><img src="/files/XmZrF8wjrhcu3ur7VqYc" alt=""><figcaption></figcaption></figure>

### Step 2. Initial Computer Unlock

The user signs in to a workstation joined to the Active Directory domain and connects the Hideez Key to the Hideez Client.

### Step 3. Setting the Current Password

After the key is connected, the user account is automatically loaded onto the key from the server. This account is marked with a gear icon and does not contain a password — it cannot be used to unlock the computer until a password is added.

To add a domain password to the account on the key, the user must manually enter their current password via the Hideez Client interface.

**To do this, follow these steps:**

1. Connect the key to the workstation.
2. Wait for the account to appear on the key.
3. Select the corresponding account on the key.
4. Set the current domain password via the **Hideez Client** interface.
5. Save the changes.

<div><figure><img src="/files/zmeT9jXdFqs97GmMAGTS" alt=""><figcaption></figcaption></figure> <figure><img src="/files/nC6ntVzvlUiR27lCzJoQ" alt=""><figcaption></figcaption></figure></div>

After completing these steps, you will be able to unlock the workstation using this account on the key.

{% hint style="info" %}
**Note:** The password will be saved on the key and automatically read during future sign-ins.
{% endhint %}


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://enterprise.hideez.com/hideez-server-integration/microsoft-entra-id/import/user-initiated-password-changes.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.