This Method is used to change the password of the user for the Session used to call the Method. The Method shall fail with Bad_InvalidState if the user token type for the Session is not USERNAME.

The bit MustChangePassword in the UserConfigurationMask defined in 5.2.3 indicates if the Server requires that the user changes the password.

If the user that is used to activate a Session is required to change the password, the Service ActivateSession shall return Good_PasswordChangeRequired and the activated Session shall have only the Role Anonymous. In this state, the Session shall be allowed to call ChangePassword for the user that activated the Session.

After a successful call of ChangePassword, the Client is required to call ActivateSession for each of the affected Sessions with the user and the new password to apply the change.

Even if the Method is not browseable through a hierarchy for the Session user, it shall be accessible and callable by the Session user with the well defined NodeIds for the UserManagement Object and the ChangePassword Method.

This Method affects security and shall only be browseable and callable through an encrypted channel. It shall be callable by the Session user if the user token type for the Session is USERNAME, even if the Role for the user is Anonymous.

Signature

ChangePassword (

[in]String OldPassword,

[in]String NewPassword

);

Argument

Description

OldPassword

The old password for the Session user.

NewPassword

The new password for the Session user. It is recommended that the user interface for entering the new password requires to enter the password twice to avoid typos.

The Server can apply additional restrictions to the accepted password in addition to the one indicated by PasswordOptionMask.

Method Result Codes

ResultCode

Description

Bad_IdentityTokenInvalid

The old password is not valid.

Bad_OutOfRange

The new password is outside the valid range of accepted length and characters.

Bad_InvalidState

The caller is not authenticated with a USERNAME user token.

Bad_NotSupported

The password cannot be changed due to NoChangeByUser user configuration mask setting.

Bad_SecurityModeInsufficient

The communication channel is not using encryption.

Bad_AlreadyExists

The new password matches the old password.