Changing & Resetting User Passwords

Strong password management is a key part of keeping your OctopusPro account secure. OctopusPro supports both:

• Admin password changes (office/admin staff can set a new password for a user profile), and
• User self-service (users set their password during onboarding and can reset/change it later).

Use this guide to: reset access when a user is locked out, respond to a potential security issue, and keep staff access under control when roles change.

---

On this page

• When to change vs reset a password
• Change a user password (Admin)
• User self-service (set/reset their own password)
• Security best practices
• Troubleshooting
• Related articles

---

When to change vs reset a password

• Admin change (recommended when urgent): Use this when a user can’t log in and needs immediate access, or you suspect their account may be compromised.
• User self-service reset (recommended for privacy): Ask the user to use the “forgot password” / reset flow where possible, so they set a password only they know.

Important: Changing a password does not automatically unblock or reactivate a user. If the user is blocked or inactive, you’ll need to address that separately (see Related articles).

Back to top

---

Change a user password (Admin)

Admins (or staff with the right permissions) can change the password for a specific user profile from the Users list.

Navigation: Settings > Company Settings > Users

1. Locate the user whose password you want to update.
2. Click Actions next to their name.
3. Select Change password.

4. Enter the New password and confirm it.
5. Click Save.

What happens next?

• The updated password applies to that specific user profile.
• If the user is currently signed in, you may want to force logout the user to immediately end their active session (see Security best practices below).

Tip: If you use the same email address for multiple user profiles (e.g., Admin + Fieldworker), each profile can have its own password. Changing one profile’s password does not automatically change the others unless you intentionally set them the same (see Troubleshooting).

Back to top

---

User self-service (set/reset their own password)

1) First-time setup (invited users)

When you add or invite a user, OctopusPro sends an email that lets them verify their account and set their password. This is the most secure approach, because only the user knows the password.

Learn more: User Management: Adding, Inviting, Importing Users

2) Reset later (forgot password)

If a user forgets their password, they can use the password reset option on the login screen. The system will send a time-limited reset method (such as a secure link or verification code, depending on your setup) to the user’s email.

3) Change password while logged in

Users can also change their password from within their own account settings after logging in (location may vary by role and interface).

Need to help a user without sharing passwords? Use Login as Another User (User Impersonation) for troubleshooting instead of asking for their password.

Back to top

---

Security best practices

• Force logout after a reset (recommended for security incidents): If you changed a password due to suspected compromise or device loss, force logout the user so any active sessions end immediately.
  Force Logout Specific Users
• Use Role-Based Access Control (RBAC): Limit who can manage users and passwords to reduce risk and maintain accountability.
  Role Based Access Control (RBAC)
• Use separate logins where possible: Avoid sharing credentials between staff. If multiple people need access, create separate users for cleaner accountability and reporting.
• Share temporary passwords safely: If you must set a password for someone, share it via a secure channel (not in a public chat/email thread) and ask them to change it immediately after login.
• Review activity when investigating issues: Use the User Activity Log to review actions, login/logout events, and other changes during the timeframe of concern.
  User Activity Log

Back to top

---

Troubleshooting

User didn’t receive the reset / verification email

• Check email verification status: In the Users list, review the Email Verification column. If the account is unverified, resend the verification email from the user record (where available).
• Check spam/junk and mail rules: Ask the user to search their inbox for OctopusPro emails and check spam filters.
• Custom email template edits: If you’ve customized email templates, confirm your password reset template is enabled and uses the right placeholders.
  Email Templates | Template Placeholders | Canned Responses & Templates

Password changed but user still can’t access

• User is inactive: Activate the user profile so they can log in.
  Activate / Deactivate Users
• User is blocked: Unblock the user profile to restore access.
  Blocking a User
• Session issue: Force logout the user to clear any active sessions, then have them log in again.
  Force Logout Specific Users

Multiple profiles share the same email address

If you’ve created multiple user profiles using the same email (e.g., Admin + Fieldworker), each profile can have its own password. Make sure you’re changing the password for the correct profile.

Learn more: Allow using the same email address for multiple users

Back to top

---

Related articles

User access & security

• Role Based Access Control (RBAC)
• User Management: Adding, Inviting, Importing Users
• Edit User & Fieldworker Profiles
• Login as Another User (User Impersonation)
• User Activity Log

Account status controls

• Activate / Deactivate Users
• Blocking a User
• Deleting Users
• Force Logout Specific Users

Fieldworker-specific password help

• Reset or Change Fieldworker Passwords

Email templates for reset messages

• Email Templates
• Template Placeholders
• Canned Responses & Templates

To stay updated, please subscribe to our YouTube channel.