What is the purpose of the property "apigee.forgotPassword.EncryptionPassword" in apigee.conf file ?

There is a property "apigee.forgotPassword.EncryptionPassword" in apigee.conf file and it is set to the value "Change Me" (default value).

Could someone please let me know how this parameter is used when you want to reset your password?

Is it a password salt or default password?

Solved Solved
0 2 197
1 ACCEPTED SOLUTION

Not applicable

That password is used for some encryption during the reset password flow.

I am being purposefully vague here, as for security purposes I don't want to reveal any details of our reset password flow.

If you suspect the value has been compromised, then you should update the value.

The value should be a random string.

View solution in original post

2 REPLIES 2

Not applicable

That password is used for some encryption during the reset password flow.

I am being purposefully vague here, as for security purposes I don't want to reveal any details of our reset password flow.

If you suspect the value has been compromised, then you should update the value.

The value should be a random string.

@coverbeck,

Thanks for your answer.