Siebel Security Guide > Changing and Managing Passwords >

Encrypting Passwords Using the encryptstring Utility

Using the Siebel Configuration Wizard to change an anonymous user password, or the Siebel Enterprise security token, automatically saves the password in encrypted form. If, however, you have to manually add an encrypted value for the corresponding parameters in the eapps.cfg file (AnonPassword or SiebEntSecToken), then use the encryptstring.exe utility to generate the encrypted value to provide as the parameter value.

Although the anonymous user has limited privileges, it is generally recommended to use more secure passwords for production deployments of your Siebel Business Applications. For anonymous user accounts, changing passwords involves changing passwords for database accounts and changing passwords in the eapps.cfg file.

NOTE:  If you want to use different database accounts for the anonymous user for different applications, then you must manually update the eapps.cfg file.

The following procedure describes how to encrypt a password using the encryptstring utility.

To encrypt a password using the encryptstring.exe utility

1. Locate the encryptstring utility.

   The utility is installed with both the Siebel Server and the SWSE. It is located in the SIEBSRVR_ROOT\bin and SWEAPP_ROOT\bin directories, where SIEBSRVR_ROOT is the Siebel Server installation directory, and SWEAPP_ROOT is the SWSE installation directory.

2. To generate an encrypted value for a password, enter the following command:

   encryptstring password

   For example, if you want to store the encrypted version of GUESTCST, a password you might initially specify for the anonymous user account, then enter:

   encryptstring GUESTCST

   The output in this case might be something similar to the following:

   fhYt8T9N4e8se4X3VavTjQXwAEqm

   The specific value that is returned changes each time you use the encryptstring utility.

   NOTE:  The encryptstring utility does not support the use of special characters such as quotation marks, greater than signs, less than signs, plus signs, caret symbols, or ampersands. If you run the encryptstring utility for a password that includes these characters, then an encrypted version of the password is not generated by the utility.