After you’ve used JumpCloud to encrypt a system, set security policies, enforce multi-factor authentication, require strong passwords, and scan continually for malware threats, you want employees to manage their identities and passwords in this well-fortified environment. Mac users can reset their passwords from the JumpCloud Menu Bar App and from the User Portal.
We recommend you let users manage their own passwords using the JumpCloud Menu Bar App. Changing a password with the Menu Bar App also ensures that the user’s Mac passwords stored in Keychain and FileVault stay in sync with JumpCloud. Sometimes it’s not possible for a user to access the JumpCloud Menu Bar App, such as in the following cases:
- An administrator needs to update a password in Active Directory.
- User accounts are managed by Active Directory using AD Integration and can’t use the JumpCloud Menu Bar App to reset their password.
In these cases, an administrator can reset a user’s password in the JumpCloud Admin Portal. After you reset it, users need to sync their JumpCloud IdentityOS® password to the Mac using the JumpCloud Menu Bar App.
Considerations
- You can show users how to change their own passwords in the Menu Bar App.
- If Mac users change their passwords in the User Portal, they are required to sync their JumpCloud and macOS passwords. See Manage MacOS Passwords.
- If a user account is locked due to repeated failed login attempts, the account can be unlocked without the user having to reset their password. See Unlock User Accounts for details.
- If you set a temporary password, the user must first sync that temporary password with the device, FileVault, and keychain. Only after these all of these are in sync can the user change their temporary password.
- Make sure you’re using a supported web browser type and version.
To reset a Mac user's account from the Admin Portal:
- Log into the JumpCloud Admin Portal: https://console.jumpcloud.com.
- Go to USER MANAGEMENT > Users.
- Select a user.
- On the User Details panel, select Details.
- Select User Security Settings and Permissions.
- Click Reset Password.
- Enter the new password for the user.
- The password must be between 12-64 characters in length and cannot contain the user’s email or username.
- Click save user.
- The user must log out of their system and log back in with the new password.