Passwords

Passwords are your first line of defense against unauthorized access to the components and data of Enterprise Server. For Information about how to use passwords for Enterprise Server, see Administering Passwords.

Master Password and Keystores

The master password is an overall shared password and is the most sensitive piece of data in the system. It is never used for authentication and is never transmitted over the network. You can choose to enter the master password manually when required, or obscure it in a file.

The master password is the password for the secure keystore. When a new application server domain is created, a new self-signed certificate is generated and stored in the relevant keystore, which is locked using the master password (default password changeit). If the master password is not the default (that is, you have changed it), you are prompted for the master password. After the correct master password is entered, the domain starts.

Administration Password

The administration password, also known as the admin password, is used to invoke the Administration Console and the asadmin utility. This password is usually set during installation, but it can be changed. For instructions, see To Change the Administration Password.

Encoded Passwords

Files that contain encoded passwords need to be protected using file system permissions. These files include the following:

• domain-dir/master-password

  This file contains the encoded master password and should be protected with file system permissions 600.

• Any password file created to pass as an argument by using the --passwordfile argument to the asadmin utility should be protected with file system permissions 600.

For instructions, see To Set a Password From a File.