1. Home
  2. Passwords and Unlocks
  3. Change your password

Change your password

To keep your account secure you will need to change your password every 365 days. You will be reminded to change your password via email 18, 10, 5, 2 and 1 day(s) before it expires.

Remember, you must change your password immediately if you think someone else knows what it is. If your password expires, you will need to contact your Local Administrator.

Following a password change, to prevent your account from becoming locked you will need to update your new password on all the devices (including personal devices) that you use to access NHSmail, for example mobile phone, Outlook desktop, tablet etc.


Once a user has migrated to Exchange Online, they will no longer be able to update their password through the Outlook Web App (OWA) ‘My Account’ https://myaccount.microsoft.com/ option and will see the following message displayed

Users are advised to change their password using the ‘Profile’ section on the NHSmail portal following the below steps. 

Change Password  To change your password, click on the Change Password button


Please wait for 2-3 minutes before signing in after a password reset as it may take 2-3 minutes to synchronise between On-Premise and Exchange Online.


1. Go to the NHSmail Portal at www.nhs.net, click on ‘Login’ in the top right-hand corner of the page and login using your current NHSmail username and password.


2. Click Profile in the navigation bar at the top of the screen


3. Click Change Password at the top right of the screen

A new window will open


4. Enter your email address and your old password. You will need to enter your new password twice in the fields provided



Do not use the ‘£’ character in passwords as it is not supported in certain application layer protocols.

Note: Refer to the Additional Information box below for information on password requirements

5. Click Submit



When your password has been updated you will see the message

6. Click the cross at the top right to close the window


You will need to open a new browser, navigate to www.nhs.net and use your new password when you next log on. To prevent your account from becoming locked, remember to update this new password on all the devices (including personal devices) that you use to access NHSmail, for example mobile phone, Outlook desktop, tablet etc.

Additional Information

For your password to be valid it must meet the following criteria:

  • Minimum length – 10 characters without requiring a mix of character types
  • Should not contain the ‘£’ character
  • Not matching previous 4 passwords
  • Not detected as a common password, for example Password123, Winter2018
  • Not detected as a breached password (a password used for an account that has previously been compromised). Breached passwords will be sourced from an internet-based breach database.

Your new password can be used for up to 365 days.

If you receive an error when attempting to change your password, check that it meets the requirements listed above and try again.

Top tip

A good way to create a strong and memorable password is to use three random words. Users should be creative and use words that are memorable to only them, so that people can’t guess their password.

Updated on 25/10/2021

Related Articles

Need Support?
Can’t find the answer you’re looking for? Don’t worry we’re here to help!
Contact Support
back to top