WAS v8.5 > Tune performance > Tune security > Tune, hardening, and maintaining security configurationsSecure passwords in files
Password encoding and encryption deters the casual observation of passwords in server configuration and property files.
The following topics can be used to add protection for passwords located in files:
- Encoding passwords in files WebSphere Application Server contains some encoded passwords that are not encrypted. The PropFilePasswordEncoder utility is included to encode these passwords. For more information on encoding passwords in a file, see Encoding passwords in files.
- Enabling custom password encryption You need to protect passwords that are contained in your WAS configuration. We can added protection by creating a custom class for encrypting the passwords. For more information on custom password encryption, see Enable custom password encryption.
Subtopics
- Encoding passwords in files
The purpose of password encoding is to deter casual observation of passwords in server configuration and property files. Use the PropFilePasswordEncoder utility to encode passwords stored in properties files. WAS does not provide a utility for decoding the passwords. Encoding is not sufficient to fully protect passwords. Native security is the primary mechanism for protecting passwords used in WAS configuration and property files.- Enable custom password encryption
You need to protect passwords that are contained in your WAS configuration. After creating your server profile, we can added protection by creating a custom class for encrypting the passwords.- Encoding passwords in files
The purpose of password encoding is to deter casual observation of passwords in server configuration and property files. Use the PropFilePasswordEncoder utility to encode passwords stored in properties files. WAS does not provide a utility for decoding the passwords. Encoding is not sufficient to fully protect passwords. Native security is the primary mechanism for protecting passwords used in WAS configuration and property files.- Enable custom password encryption
You need to protect passwords that are contained in your WAS configuration. After creating your server profile, we can added protection by creating a custom class for encrypting the passwords.
Related
Tune, hardening, and maintaining security configurations