Skip to main content

Edit and manage a user account


How to edit Sitecore users accounts, change their roles, unlock their security accounts or disable or delete them.

As a security administrator, you can edit and manage many aspects of a user account.

This topic outlines how to:

  • Edit a user account

  • Change a user's password

  • Unlock a user’s security account

  • Disable a user

  • Delete a user

In the User Manager, you can edit a users' account information, change the roles that they are members of, or delete them from Sitecore.

To edit a user:

  1. In the User Manager, click the relevant user and in the Users group, click Edit.

  2. Edit the user information on the following tabs:

    • The General tab – change the user's name and email address. You can also edit the image that is used as a portrait of the user in Sitecore.

    • The Member Of tab – edit the roles that the user is a member of and associate one or more domains with the user.


      If you want to allow users of a locally managed domain to see and manage more domains than the one they belong to, you can click Domains and associate the relevant domains to the user. Users of global domains can, by default, work with all domains, but if you associate one or more domains to this type of user, they are restricted to only seeing the domains you associated.

    • The Profile tab – in the User Profile section, specify the start URL that should open for the user when the user logs in. No matter what you choose, the user has access to all the same things.

    Start URL



    The Launchpad opens from where the user can open and view everything that the user has to access.

    Content Editor

    The Content Editor opens.

    Experience Editor

    The Experience Editor opens.


    Sitecore opens in preview mode.


    Sitecore Desktop opens.


    Sitecore opens the custom URL that you enter in the field. For example, if you want Sitecore to open the Media Library on login.

    • In the Additional Properties section, edit information about the user profile that was selected for the user when their account was created.

    • The Language Settings tab – in the Sitecore Client section, specify the language and the regional code that the Sitecore client should use when the user logs in. In the Content section, specify the default language of the website content for the user.

    • The Information tab – view the history of the user. This includes when the user was created, the last login time, and so on.

  3. When you have finished editing the user, click OK.

If necessary, a security administrator can change a user’s password.

To change a user's password:

  1. Open the User Manager and click the relevant user.

  2. In the Users group, click Change password.

  3. In the Change Password dialog box, in the Old Password field, enter the old password, and then enter and confirm the new password.

    Change Password dialog box

    However, if you do not know the old password, you can randomly generate a new password.

  4. To change the user’s password, click Generate.


    The user’s current password becomes invalid as soon as you generate the new password.

  5. Copy the generated password to the clipboard and send it to the relevant user.

The user can then log in to Sitecore and change their password to one that they can remember. However, if the user is locked out of Sitecore, the user will not be able to log in (even with the new password) to change the password. In this situation, the security administrator must also unlock their security account.

If a user is locked out of Sitecore, they must ask the security administrator to unlock their security account.

To unlock a user account:

  1. Open the User Manager and click the relevant user. In the Locked column, an indicator shows if a user has been locked out of Sitecore.

  2. In the Users group, click Unlock.

A security administrator will occasionally have to prevent users from accessing the system for a certain period, for example, if a user is on extended leave. In this situation, you can disable the user.

To disable a user:

  1. Open the User Manager and click the relevant user. In the Locked column, Disabled indicates if a user has been disabled.

  2. To disable a user, in the Users group, click Disable. To enable the user again, click Enable.

As a security administrator, you must remove users and roles from the security system as your company changes and grows.

When you delete a user, Sitecore:

  • Removes this user from all the roles that they are a member of.

  • Removes the account definition item.

  • Does not remove the access rights associated with the user. The access rights are still stored on the individual items in the content tree.

    This means that if you create a new user with the same name as an old one, the new user is granted the same access rights as the old one. However, the new user account does not automatically become a member of any roles.


    This is one of the reasons that you should only assign access rights to roles. In this way, you minimize the risk of inadvertently granting them individual access rights to items in the content tree. You can concentrate on managing the access rights of the roles that they are members of.

To delete a user:

  1. Open the User Manager and click the user that you want to delete.

  2. In the Users group, click Delete.