Type: Stored procedure

Use this procedure to change a user's password.

You should never update the password / passwordhash columns in the User-table directly.


@UserID mandatory int
@Password mandatory nvarchar(200)
If the text '#SAME#' then the password will be unchanged.

Since you can't know what a user's password was if it has been hashed this is useful in newedits where you have to set the default value of the password field. Remember to use CONVERT(nvarchar(200), '#SAME#') in the GetEditFields procedure.
@PasswordHash optional varbinary(1000)
If you already have a hash of the password, for example because you've used a password field with the Hash Password setting then you can pass the hash directly to this procedure.

If you don't then just pass NULL and the procedure will hash the plaintext password in the @Password parameter.
@PasswordHasExpired optional bit
Set to 1 to force the user to change their password the next time they log in. Defaults to 0.
Possible value Description
NULL Use current value.
@EnforcePasswordPolicy optional bit
If the new password has to comply with the current password policy. Defaults to 1.
@LanguageId optional int
Language to use for error messages.
@ErrorMessageOut mandatory nvarchar(max)
Error message. Null if no error.