This paper discusses issues and idiosyncrasies associated with changing passwords and keys in distributed computer systems. Current approaches are often complicated and fail to provide the desired level of security and fault tolerance. A novel and very simple approach to changing passwords/keys is presented and analyzed. It provides a means for human users and service programs to change passwords and keys in a robust and secure fashion.