Password encoding and encryption deter the casual observation of passwords in server
configuration and property files.
About this task
You can use the following actions to add protection for passwords that are located in
files:
Procedure
-
Encode passwords in files.
WebSphere®
Application Server contains some encoded passwords that are not encrypted. The
PropFilePasswordEncoder command is included to encode these passwords.
-
Encrypt passwords be using Advanced Encryption Standard (AES).
You can encrypt passwords in the client environment and the server environment by using Advanced
Encryption Standard (AES).
-
Enable custom password
encryption.
You need to protect passwords that are contained in your WebSphere Application Server
configuration. You can add protection by creating a custom class for encrypting the passwords.
-
Encode or encrypt passwords.
Passwords are automatically encoded with a simple masking algorithm in various WebSphere Application Server ASCII
configuration files. Additionally, you can manually encode passwords in properties files that are
used by Java™ clients and by administrative commands for WebSphere Application Server.