Practical Method for Resetting vCenter Password – Safe Recovery Without Reinstall

 Introduction

Recently, while upgrading a customer's vCenter, I encountered a situation where the root password was unknown. The customer also asked around but couldn't find it. To recover this root password, I did some research, and today I'm sharing it here. The practical environment for this operation: VMware vSphere vCenter 8.0.

Steps:

1. Use the Administrator@vsphere.local account to log in to https://vCenterIP:5480.

2. Navigate to the "Access" tab and check whether vCenter SSH login is enabled. If SSH remote access is not activated, click "Edit" and enable "Activate SSH Login."

3. Use the Administrator@vsphere.local account to SSH remotely into the vCenter server.

4. Type "shell.set --enabled true" to enable the shell function.

 
shell.set--enabled true

5. Type "shell" to enter the shell bash interface.

6. Use "sudo passwd root" to update the root password. Enter the new password twice.

7. Sometimes the account might be locked, so we need to unlock it first.

version before 8.0 u2 

 
sudo pam_tally2 --user=root --reset

version after 8.0 u2 (include 8.0 u2)

 
sudo /usr/sbin/faillock --user root --reset

Your Can Refer to this VMware official document:

• VMware Official vCenter Password Recovery Documentation
  https://docs.vmware.com/en/VMware-vSphere/index.html

• VMware vCSA Security & Access Management
  https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security

🔍 Why vCenter Password Reset Is a Common Admin Challenge

Password-related lockouts are one of the most frequent vCenter operational issues, especially in environments with:

• Password expiration policies

• Staff turnover

• MFA misconfiguration

• Limited documentation

Using a practical and supported vCenter password reset method helps administrators restore access without risking data loss or reinstallation.

---

🛠 Common Scenarios That Require Resetting vCenter Passwords

You may need to reset a vCenter password when:

• The root or administrator password is forgotten

• vCenter services are running, but the login fails

• Password expired, and SSH access is blocked

• Appliance shell is disabled

• Access is needed urgently during outages

This practical reset approach minimizes downtime and avoids unnecessary rebuilds.

---

✅ Best Practices Before Resetting vCenter Passwords

Before performing a password reset, always:

• Take a snapshot of the vCenter appliance

• Ensure console access via ESXi or vSphere

• Confirm the exact vCenter version

• Schedule a maintenance window if possible

These steps reduce the risk of recovery and help ensure a smooth reset process.

🔹 Password & Recovery Related

• vCenter 8.0 Password Recovery from GRUB
  https://anfuitblog.blogspot.com/2025/12/vcenter-80-password-recovery-from-grub.html

• How to Reset VMware vCenter 6.7 Root Password
  https://anfuitblog.blogspot.com/2025/09/how-to-reset-vmware-vcenter-67-root.html

🔹 Service & Access Troubleshooting

• VMware vCenter 503 Service Unavailable – Troubleshooting Guide
  https://anfuitblog.blogspot.com/2025/08/vmware-vcenter-503-service-unavailable.html

• Practical Method for Resetting vCenter Password

 

vCenter 8.0 Password Recovery from GRUB – Step-by-Step Root Access Guide

A few days ago, I installed vCenter 8.0 to use as a lab environment, but after installation, I found that no matter what password I entered, it was incorrect. After several attempts, I realized I had remembered the wrong password, so I'm documenting this article to help myself and others figure out what to do when you forget your vCenter password.

This article outlines the steps to reset the root password on the ESXi host where vCenter is installed, including reboot procedures, modifying command-line options, and using vDCA to generate a new administrator password.

Introduction

Losing administrative access to VMware vCenter 8.0 can quickly turn into a critical outage. Fortunately, VMware provides a supported way to recover the vCenter root password using GRUB mode, allowing administrators to regain control without reinstalling the vCenter Server Appliance (vCSA).

This guide explains how vCenter 8.0 password recovery from GRUB works, when to use it, and best practices to avoid future lockouts.

Resetting the root account password

1. First, to reset the root password, log in to the ESXi host where vCenter is installed and reboot vCenter.

2. Open the virtual console. When the Photon interface appears, press the "e" key to enter the "Options" settings.

3. After pressing "e", the GNU GRUB interface appears.

4. Add "rw init=/bin/bash" after "fips=1", then press "F10" or "Ctrl+X" to boot into the system.

   This mounts the root filesystem in read-write mode (rw) and specifies the system initialization process as the bash shell (init=/bin/bash), bypassing the normal login process and directly entering a command-line environment with root privileges, used for system troubleshooting (such as resetting passwords, modifying configuration files, etc.).

5. Enter the following commands in sequence:

   mount -o remount,rw / (Remount the already mounted filesystem with read-write permissions to the root directory)

   passwd root (Change the root password)

   Enter the new password

   Enter the new password again

   umount / (Unmount the root filesystem)

   reboot -f (Force reboot the system)

 
mount -o remount,rw / 
passwd root
New password
Retype new password
umount /
reboot -f

Modifying the vCenter password

1. Open the virtual console and press "Alt+F1" to enter the vc command-line interface.

2. Log in with the root account using the newly reset root password.

3. Enter "shell" to enable BASH.

4. Use the "vdcadmintool" command tool to reset the password. Enter the command "/usr/lib/vmware-vmdir/bin/vdcadmintool".

5. Select option 3, "Reset account password", to reset the account password. Enter "3" and press "Enter".

6. Enter "administrator@vsphere.local" and press "Enter". A random password will be generated.

7. Copy the generated random password, open the vc page in a browser, and log in.

8. After entering vc, click the account icon in the upper right corner and select "Change Password".

9. After changing the password, click confirm.

Conclusion

The vCenter 8.0 account password reset process is now complete. For newcomers to the IT field, especially those getting familiar with data center infrastructure, small issues like forgetting a password are actually great opportunities to understand the underlying system logic. It helps you better understand vCenter's boot process, the role of command-line tools (like passwd and vdcadmintool), and more.

However, prevention is always better than recovery—secure your vCenter access, monitor password policies, and document emergency procedures to stay in control of your virtual infrastructure.

Related troubleshooting guide:
https://anfuitblog.blogspot.com/2025/09/how-to-reset-vmware-vcenter-67-root.html