By default, the vCenter Single Sign-On password expires every 90 days. To prevent unexpected expiration, the vSphere Client issues a warning when the password is about to expire; however, if you find yourself in a situation where you cannot recall the password or the password has expired, it can be reset. The reset process is performed from an SSH session to vCenter.

Reset SSO Administrator Password

To begin, SSH to the vCenter Server Appliance and log in with the root account.

vCenter Root Log In

Next, enable BASH shell access and launch BASH.

shell.set –enabled true


Enable Bash Shell

With BASH launched, we will run the vdcadmintool to reset the SSO account password.



Select option 3 to Reset account password.

Reset Account Password

Enter the Account UPN. After hitting enter, a new password is automatically generated.

NOTE – The account format is SSOusername@vsphereDomain.localTypically, the account is administrator@vsphere.local.

SSO Account UPN

Navigate back to the vSphere Web Client and log in with the newly generated password.

vCenter Client Log In

Change SSO Administrator Password

To change the SSO admin password, select Administration from the Navigator menu.

vCenter Navigator

Next, locate the Administrator user from the Single Sign-on Users and Groups. Click the pencil to edit the account properties.

SSO Administrator

Enter the Current Password and a new password. Confirm the password. Select OK to submit the changes.

Password Reset

The SSO admin password has now been reset and changed. It is also possible to change the password expiration from the default 90 days.

Change SSO Administrator Password Expiration

To set the password lifetime, navigate to the Single Sign-On Configuration under Policies. Select Edit on the Password Policy.

Password Policy

The maximum number of days allowed is 9999. To set the password to never expire, enter 0 in the Maximum Lifetime days. Press Ok to continue.

Password Expiration

That’s it!

Password Never Expires

VMware KB – How to unlock and reset SSO password in vSphere 6.x

Related Posts