Securing passwords in files

Password encoding and encryption deters the casual observation of passwords in server configuration and property files.

About this task

The following topics can be used to add protection for passwords located in files:

Procedure

  • Encoding passwords in files
    WebSphere® Application Server contains some encoded passwords that are not encrypted. The PropFilePasswordEncoder utility is included to encode these passwords. For more information on encoding passwords in a file, see Encoding passwords in files.
  • Enabling custom password encryption
    You need to protect passwords that are contained in your WebSphere Application Server configuration. You can added protection by creating a custom class for encrypting the passwords. For more information on custom password encryption, see Enabling custom password encryption.