Strong password policies are one of the many cornerstones of good administrative practice. That said, if an administrator is responsible for several dozen machines, all of which need to have a password rotated regularly, the process of manually providing new passwords for each machine can be tiresome.
PsPasswd is a freeware utility, courtesy of Mark Russinovich's excellent SysInternals site, which allows an administrator to change the password for a local or domain account, on either a local or remote computer. The program works by taking a computer name or names, either from the command line or specified in a plaintext file, and changing the password for an account as specified. The default account name is the currently logged-in account.
If the user supplies a wildcard for the computer name (i.e., *), all computers in the current domain are affected—a handy way to affect mass changes, although a conscientious administrator will probably not want to do this unless he's absolutely sure this is the right thing! Also, the default password option is a NULL (blank) password; if this is in violation of the password provisions currently enforced by applicable policies, the change will not take effect.
Note that when the administrative password is changed on a machine, certain functions that rely on a cached copy of the password will no longer work. For instance, SQL Server Agent jobs that run in the local machine's administrator context (as opposed to SQL Server's native sa context) will not work correctly after a password rotation. The administrator will need to reinitialize the job through the SQL Server Enterprise Manager to bring the password up to date. (There may be other contexts for this problem, perhaps with automated solutions, but the idea should be clear from this example.)
PsPassword can be downloaded from SysInternals.
Serdar Yegulalp is the editor of the Windows 2000 Power Users Newsletter. Check out his Windows 2000 blog for his latest advice and musings on the world of Windows network administrators – please share your thoughts as well!
This was first published in November 2004