Beginning with v2017.3, the Admin Console password is encrypted by default when it is entered into the Admin Console or set through an API call. This makes credential storage more secure by preventing plain text passwords from being saved to disk in the unencrypted version of the configuration file.
Note. If updating from an older version, existing passwords will not be encrypted automatically.
There are two ways to set an encrypted Admin Console password: using the Admin Console or using the API.
1. Browse to the Admin Console
2. Navigate to General > Other Settings
3. Enter the desired password into the Password and Confirm Password fields
4. Click Apply or OK
To verify that the configuration contains the encrypted password, open the XML config file in a text or XML editor and locate the <password> node.
The value should be an encrypted string surrounded by brackets [ ].
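The manual check above can be scripted, which is useful after an upgrade because existing passwords are not encrypted automatically. The following is an added example, not vendor code: it classifies each <password> node by the bracketed form described above and never prints the value. Every element name other than <password>, the sample values and the script name are assumptions.

```python
import sys
import xml.etree.ElementTree as ET

# Constructed samples. Only the <password> node name and the bracketed form
# come from the page; the surrounding element names are assumptions.
SAMPLE_UPGRADED = "<webreports><general><password>hunter2</password></general></webreports>"
SAMPLE_CURRENT = "<webreports><general><password>[Q09OU1RSVUNURUQ=]</password></general></webreports>"


def classify_password(value):
    """Return 'unset', 'encrypted' or 'plaintext' for a <password> node value."""
    text = (value or "").strip()
    if not text:
        return "unset"
    # The page states an encrypted value is a string surrounded by brackets.
    # Heuristic: a plain text password that is itself bracketed would pass.
    if len(text) > 2 and text.startswith("[") and text.endswith("]"):
        return "encrypted"
    return "plaintext"


def audit_root(root):
    """Classify every <password> node without ever echoing its value."""
    return [classify_password(node.text) for node in root.iter("password")]


def audit_text(xml_text):
    return audit_root(ET.fromstring(xml_text))


def audit_file(path):
    # ET.parse reads bytes, so an XML encoding declaration is honoured.
    return audit_root(ET.parse(path).getroot())


if __name__ == "__main__":
    # Usage: python audit_password.py WebReports.xml  (script name is hypothetical)
    results = audit_file(sys.argv[1]) if len(sys.argv) > 1 else audit_text(SAMPLE_UPGRADED)
    for index, state in enumerate(results, start=1):
        print(f"<password> node {index}: {state}")
    # Non-zero exit lets an upgrade or deployment check fail on plain text.
    sys.exit(1 if "plaintext" in results else 0)
```

Because the bracket test is only a format check, api.General.IsHashedPassword remains the authoritative test when the API is available.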
To add an encrypted password to a programmatically generated config file:
api.General.Password = api.General.EncryptPassword("mypassword");
api.SaveData(); // Save the configuration file to disk
To verify whether two passwords match:
bool IsMatch = api.General.CheckPassword("mypassword", api.General.Password);
To verify if an existing password is encrypted:
bool IsEncrypted = api.General.IsHashedPassword(api.General.Password);
Password encryption is one-way: the stored value is a salted hash, so an encrypted password cannot be decrypted into plain text.
The hashing algorithm used is SHA-256. Passwords are salted.
Note. We still recommend that the plain text config file (e.g. WebReports.xml) be removed in favor of the encrypted config file (e.g. WebReports.xml.enc) in a production environment. See Security Checklist for more information.