p4 passwd

Change the P4 Server password of a user.

Syntax

p4 [g-opts] passwd [-O oldpassword] [-P newpassword] [user]

Syntax conventions

Description

As soon as possible, create a password, and make it a Strong password.

We recommend that you improve security by using ticket-based authentication. We recommend security level 4 or higher. To learn more , see Server security levels in the P4 Server Administration Documentation.

To authenticate with tickets, first set a password with p4 passwd, and then use the p4 login and p4 logout commands to manage your authentication.

You can further improve security by assigning users to groups and setting the PasswordTimeout field in the p4 group form. If a user belongs to more than one group, the largest PasswordTimeout value applies.

For P4 Server applications on Windows and macOS that connect to P4 Server at security levels 0 and 1, p4 passwd stores the password by using p4 set to store the MD5 hash of the password in the registry or system settings. When connecting to P4 Server at security levels 2, 3, or 4, password hashes are neither stored in, nor read from, these locations.

P4 Server superusers can reset the passwords of individual users (or all users site-wide) with the p4 admin resetpassword command. You can also set the dm.user.resetpassword configurable (set with p4 configure) to require that any newly-created users reset the password you assigned them when you created their account.

The printable characters 32 through 126 of the ASCII table are known to avoid character set mismatches between servers and clients:

space ! " # $ % ' ( ) * + , - . /

0 1 2 3 4 5 6 7 8 9

: ; < = > ? @

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

[ \ ] ^ _ `

a b c d e f g h i j k l m o p q r s t u v w x y z

{ | } ~

Other characters might or might not result in character set mismatches between servers and clients.

Strong password

Certain combinations of security level and P4 Server applications releases require users to set "strong" passwords. P4 Server defines a strong password as:

at least dm.password.minlength long, which, by default, is 8 characters
contains at least two of the following :
- Uppercase letter(s)
- Lowercase letter(s)
- Non-alphabetic character(s)

Although abcd1234 is by default, considered a strong password in an environment with the security configurable set to 2, it is too easy to guess.

To create secure password that is easy-to-remember:

Start with a phrase, such as
Perforce Enterprise-class Version Control.
Make the phrase resemble a single word, such as
PEnterprise-classVC.
Represent some letters with non-alphabetical characters:
PN2prI$-k|@zV(.

Options

`-O oldpassword`	Avoid prompting by specifying the old password on the command line. This option is not supported if your site is configured to use security level 2, 3, or 4. If you use the `-O` option, you must use the `-P` option.
`-P newpassword`	Avoid prompting by specifying the new password on the command line. This option is not supported if your site is configured to use security level 2, 3, or 4.
`user`	Superusers can provide this argument to change the password of another user.
`g-opts`	See Global options.

Usage notes

Can File Arguments Use Revision Specifier? Can File Arguments Use Revision Range? Minimal Access Level Required

Can File Arguments Use Revision Specifier?	Can File Arguments Use Revision Range?	Minimal Access Level Required
N/A	N/A	`list` available to an operator user and a service user

N/A

list

available to an operator user and a service user

Passwords can be up to 1,024 characters in length. Password length is configurable by setting the dm.password.minlength configurable. To require passwords to be at least 16 characters in length, a P4 superuser can run:
```
p4 configure set dm.password.minlength=16
```
The default minimum password length is eight characters.
The p4 passwd command never sends plaintext passwords over the network. A challenge/response mechanism is used to send the encrypted password to the P4 Server.
A password can contain spaces, but command line use of such a password requires quotes to enclose it in a single string:
p4 -P "my password" command
If a user forgets the password, a P4 Server superuser can reset it by specifying the username on the command line:
p4 passwd username
To delete a password, set the password value to an empty string. Depending on the security level of your site, your P4 Server might not permit you to set a null password.
If you are using ticket-based authentication, changing your password invalidates all of your tickets and logs you out. This is equivalent to p4 logout -a command.

Examples

The superuser creates a new user named maria and assigns a password to that user:

p4 user -f maria

The server displays a user spec. The superuser adds a Password: field, provides a value for that field, then saves and closes the form.

Later, if the user forgets the password, the superuser can change it:

p4 password -P aSecurePassword maria

The password for user maria is now set to aSecurePassword

Related commands

To change other user options	`p4 user`
To change users' access levels	`p4 protect`
To log in using tickets instead of passwords	`p4 login`
To force password reset	`p4 admin resetpassword`