You can rotate all account passwords associated with a set on‑demand. For example, if there’s suspicious activity involving a particular set of accounts or a risk that a set of accounts has been compromised, you might want to invalidate the existing passwords and have the Privileged Access Service generate a new passwords without waiting for the end of the automated password rotation period.
Note: If you select a set that includes managed and unmanaged accounts, only managed accounts are rotated.
If you rotate a password while an account is currently checked out, the password that has been checked out will no longer be valid and cannot be used to log on or start any new sessions. If there are any existing open sessions that used the checked out password, those sessions can continue.
To rotate passwords in a set on demand:
- In the Admin Portal, click Resources, then Accounts to display the list of accounts.
- In the Sets section, right-click a set name, then click Rotate passwords.
Select Yes to confirm that you want to rotate the selected passwords.
Any passwords already checked out are also rotated.
You will receive an email notification of the password rotation activity when multiple account passwords are rotated. You can either open the CSV file to view activity or click the link in the email to view the Job History page.