Securing passwords in files
Password encoding and encryption deters the casual observation of passwords in server configuration and property files.
About this task
Procedure
- Password encoding and encryption
Passwords are automatically encoded with a simple masking algorithm in various WebSphere® Application Server ASCII configuration files. Additionally, you can manually encode passwords in properties files that are used by Java™ clients and by administrative commands for WebSphere Application Server. For more information on password encoding and encryption, see Password encoding and encryption.
- Encoding passwords in files WebSphere Application Server contains some encoded passwords that are not encrypted. The PropFilePasswordEncoder utility is included to encode these passwords. For more information on encoding passwords in a file, see Encoding passwords in files.
- Enabling custom password encryption You need to protect passwords that are contained in your WebSphere Application Server configuration. You can added protection by creating a custom class for encrypting the passwords. For more information on custom password encryption, see Enabling custom password encryption.