How to Reset an Expired Windows Password with EPM and MFA

This document provides a guide on how to reset your expired Windows password when using Segura® EPM for authentication, specifically when Multi-Factor Authentication (MFA) is configured, and your current password requires changing upon login.

Requirements

Before proceeding, ensure the following:

• The Segura® EPM client installed on your Windows.
• Your Windows account is managed by Segura® EPM for login.
• Multi-Factor Authentication (MFA) is configured for your account via Segura®.
• Your organization's password policies (e.g., complexity, history) are configured and enforced either by Segura® or the underlying directory service (like Active Directory).

Reset an expired Windows password

If your Windows password is expired and you use Segura® EPM with MFA, EPM Windows prompts you to change it during sign-in. Follow these steps:

1. Start Windows with your Windows username.
2. When EPM Windows prompts, enter your MFA token (for example, the TOTP code from your authenticator app).
3. If your password has expired, EPM Windows opens the Password Reset screen.
   This screen appears only when your password has expired and must be updated to complete the log in.

4. In New password, enter a new password.
5. In Confirm new password, enter the same password.
   Attention

   Your password must meet your organization's policy (minimum length, character types, complexity). If it doesn’t, EPM Windows will show an error and will not change the password.

6. Click Change Password.
7. EPM Windows validates the new password.
8. When the change succeeds, Windows logs you in.