Using more secure password format

When you enter an Internet password and save the Person document, Domino® automatically one-way hashes the Internet password field. To improve the default password, use the more secure password format.

About this task

You can upgrade the password format for Person documents that already exist or automatically use the more secure password format for all Person documents that you create.

For existing Person documents

Procedure

  1. From the Domino® Administrator, click People & Groups, and select the Person documents that you want to upgrade to a more secure password format.
  2. Choose Actions > Upgrade to More Secure Internet Password Format.
  3. If all servers in the Domino® domain run release 8.0.1 or greater, select Yes - Password verification compatible with Notes/Domino release 8.0.1 or greater. Otherwise select Yes - Password verification compatible with Notes/Domino release 4.6 or greater.
    Note: Changing your Internet password in the Person document will upgrade the stored hash to a more secure SHA-256 format if the option for 8.0.1 or greater is set.

For new Person documents

Procedure

  1. From the Domino® Administrator, click Configuration, and select All Server Documents.
  2. Choose Actions > Edit Directory Profile.
  3. If all servers in the Domino® domain run release 8.0.1 or greater, select Yes - Password verification compatible with release Notes/Domino release 8.0.1 or greater. Otherwise select Yes - Password verification compatible with Notes/Domino release 4.6 or greater.
  4. Save and close the document.
    Note:
    • The Internet password stored hash will automatically use a more secure SHA-256 format if the option for 8.0.1 or greater is set.
    • The more secure password format is required if you choose to synchronize a user's Internet password with their Notes® password.
    Tip: Another way of preventing malicious sources from guessing passwords is to simply make them harder to guess – by making the passwords longer and more complex, using a variety of characters, avoiding the use of real words, and so on.