All Products
Search

This Product

    Key Management Service:changePswd

    Document Center

    Key Management Service:changePswd

    Last Updated:Nov 11, 2024

    This topic explains how to change a user's password on HSM using the changePswd command.

    Feature description

    • The changePswd command allows for the modification of an existing user's password on HSM. Users have the capability to change their own passwords.

    • The Cryptographic Officer (CO) is authorized to change the password of another CO or a Cryptographic User (CU).

    • Current password entry is not required to implement the change.

    Important

    Prior to executing this command, initiate the hsm_mgmt_tool, log on to the HSM, and verify that the user type of the logged-in user is permitted by the command.

    User types

    The following user types are eligible to execute this command. For user type descriptions, see HSM User Permissions Table.

    • Administrator (CO)

    • Cryptographic User (CU)

    • Provisional Administrator (PRECO)

    Syntax

    Enter the parameters as per the syntax provided below. To conceal the password, opt for the -hpswd parameter instead of the actual password and follow the subsequent prompts. For additional details, see Parameters.

    changePswd <user-type> <user-name> <password |-hpswd>
    Important

    Parameters must be entered in the sequence outlined by the syntax.

    Example

    As an illustration, this section demonstrates changing the password for the administrator (CO) named 'admin'.

    1. Utilize the info command to gather information about each HSM in the cluster, including the username and user type of the logged-in user.

      cloudmgmt>info server 0
Id     	Name   			Hostname       	 Port  	State  	        Partition      	 LoginState
0      	172.16.0.2             	172.16.0.2       2225  	Connected      	192168123006   	 Logged in as 'admin(CO)'

    2. Proceed to change the password.

      cloudmgmt>changePswd CO admin newPassword

    Parameters

    Parameter Name

    Description

    Required

    Valid Values

    <user-type>

    Specifies the type of user whose password is to be changed.

    Yes

    • CO

    • CU

    • PRECO

    Note

    Refer to the HSM User Permissions Table for user type descriptions.

    <user-name>

    The username for which the password is being changed. This parameter is case-insensitive.

    Yes

    No Special Requirements

    <password | -hpswd >

    The new password for the user. It must be a string of 7 to 32 characters and is case-sensitive. Typing the password will display it in plaintext. To conceal the password, use the -hpswd parameter and adhere to the prompts that follow.

    Yes

    No Special Requirements