Skip to main content

PasswordHash

Set the default password for the predefined user accounts using a cryptographic hash of the password and its salt.

Synopsis

[Startup]    PasswordHash=a,b[,c,d]

a is a hashed password. b is its salt, c and d optionally indicate the work factor and algorithm used to hash the password.

Description

The primary use for PasswordHash is to set the default password for the predefined user accountsOpens in a new tab in automated deployments. PasswordHash specifies a hashed password and its salt. and optionally the work factor (default 10000) and the hashing algorithm (default SHA512) used to hash the password. When it is used in a CPF merge file, on instance startup the stored password hash for each enabled user account with at least one assigned role — that is, all of the predefined accounts except CSPSystem, which does not have an assigned role — is set to the value of PasswordHash . If PasswordHash is empty, the CPF merge operation ignores it.

Important:

The PasswordHash property can be used just once on any given InterSystems IRIS instance, and only if the default password has not yet been changed for any of the predefined accounts. Because allowing the default password to remain unchanged following deployment is a serious security risk, the PasswordHash setting should be used in a configuration merge operation to change the default password during deployment and not later. (For information on how to change an individual user’s password, see Edit an Existing User Account.)

PasswordHash is not recommended for changing passwords on a deployed instance.

Example

For details about hashing a password and an example of using PasswordHash when deploying a container, see Authentication and Passwords.

See Also

FeedbackOpens in a new tab