The "Required Actions" are used by admin to force user take some actions in the next login. What i am asking for is how the user can change his password after successfully login. Maybe the user realizes his password has been compromised and want to update it. I don't want to use the "Forgot Password" link on the login page because - the user did not forget his password, he just want to change it - maybe the user's email is also compromised and cannot access email - the link in the password reset email has an expiring time Thai On Fri, Apr 13, 2018 at 9:48 AM, Sachin Rastogi <sr.misc(a)gmail.com&gt; wrote: -- Castor Technologies Inc 460 rue St-Catherine St Ouest, Suite 613 Montréal, Québec H3B-1A7 (514) 360-7208 o (514) 798-2044 f ntle(a)castortech.com www.castortech.com CONFIDENTIALITY NOTICE: The information contained in this e-mail is confidential and may be proprietary information intended only for the use of the individual or entity to whom it is addressed. If the reader of this message is not the intended recipient, you are hereby notified that any viewing, dissemination, distribution, disclosure, copy or use of the information contained in this e-mail message is strictly prohibited. If you have received and/or are viewing this e-mail in error, please immediately notify the sender by reply e-mail, and delete it from your system without reading, forwarding, copying or saving in any manner. Thank you. AVIS DE CONFIDENTIALITE: L’information contenue dans ce message est confidentiel, peut être protégé par le secret professionnel et est réservé à l'usage exclusif du destinataire. Toute autre personne est par les présentes avisée qu'il lui est strictement interdit de diffuser, distribuer ou reproduire ce message. Si vous avez reçu cette communication par erreur, veuillez la détruire immédiatement et en aviser l'expéditeur. Merci.