The users that have access for an account are accessible via a request to the users resource on the account.
Although at this time the set of users that can access an account is managed directly by Bandwidth Personnel, it is possible to manage the password for a user. This function is constrained so that a user may only reset their own password, and must place the API call using those credentials.
The password has a minimum length of 6 characters and a maximum length of 20.
In the case of a lost password Bandwidth support personnel can provide a password reset.