Securing passwords in files

Password encoding and encryption deters the casual observation of passwords in server configuration and property files.

About this task

The following topics can be used to add protection for passwords located in files:

Procedure

  • [IBM i]Password encoding and encryption
    Passwords are automatically encoded with a simple masking algorithm in various WebSphere® Application Server ASCII configuration files. Additionally, you can manually encode passwords in properties files that are used by Java™ clients and by administrative commands for WebSphere Application Server. For more information on password encoding and encryption, see Password encoding and encryption.
  • Encoding passwords in files
    WebSphere Application Server contains some encoded passwords that are not encrypted. The PropFilePasswordEncoder utility is included to encode these passwords. For more information on encoding passwords in a file, see Encoding passwords in files.
  • Enabling custom password encryption
    You need to protect passwords that are contained in your WebSphere Application Server configuration. You can added protection by creating a custom class for encrypting the passwords. For more information on custom password encryption, see Enabling custom password encryption.