All passwords stored and communicated within the Operations Center environment are encrypted using a Tiny Encryption Algorithm (TEA) cipher. If the external I&A option is deployed without SSL configured, then passwords are decrypted and sent in clear text.
When configuring adapters to communicate with other management systems, the Operations Center administrator defines a set of credentials (such as an account name and password) for each Operations Center server that communicates with other servers. Operations Center server credentials are stored on each Operations Center server, and the passwords are stored in an encrypted format. During communication between Operations Center servers, the credentials are transmitted in encrypted form and processed using the credential data stored on the remote Operations Center server, regardless of whether the server operates in secured or unsecured mode.
The Operations Center Configuration Manager provides password control options that meet diverse security requirements. The key password management features are:
You can use a combination of password patterns, password expiration intervals and password reuse rules to control user defined passwords for logging into Operations Center. These password management settings are defined in Security pane of the Configuration Manager.
For more information, see
Security Pane in the Operations Center 5.6 Server Configuration Guide
You can force new users to change their passwords upon initial login to the Operations Server console.
For more information about forcing new users to change their passwords, see Section 2.3.4, Forcing Password Resets.
All users can change their passwords at any time by using the Operations Server console. In addition, the administrator might require changing passwords on a scheduled basis.
To change a user password:
In the Operations Server console, click> .
In thedialog box, type the current password in the field.
Type the new password in both theand fields to confirm the spelling.