You can set a central policy for using or accepting encrypted passwords in theAdministrationmodule underUser Management | Settingsby setting thePassword Encryption Policyfield.
The behavior according to thePassword Encryption Policysetting is as follows:
Supported |
The system can receive requests with encrypted password (default). |
Required |
The system requires an encrypted password for every authenticated request. |
Unsupported |
The system rejects requests with encrypted password. |
Using Your Secure Password
To secure your password:
- Open your profile page (click on your login name on the upper-right corner and select Edit Profile), type-in your password in theCurrent Passwordfield and clickUnlock.
- Once your profile is unlocked, click the corresponding icons next to your encrypted password to view it openly or copy it to the clipboard.
Different encryption mechanisms
The encryption mechanisms of the Oracle and IBM JDKs are not identical. Switching from one to another will make your encrypted password obsolete.
IBM JDK Encryption Restrictions
Some of the IBM JRE/JDK are shipped with a restriction on the encryption key size (mostly for countries outside the US); This restriction can be officially removed by downloading unrestricted policy files from IBM and overriding the existing ones:
- Register and download the unrestricted JCE policy files from theIBM website.
- Select the correct zip that matches your JAVA version.
- The downloaded zip file contains 2 jar files -
local_policy.jar
andUS_export_policy.jar
. Backup the existing files in$IBM_JDK_HOME/jre/lib/security
and extract the jars from the zip file to this location - Restart the system.