Setting passwords for native and built-in users

Setting passwords for native and built-in users

After you implement security, you might need or want to change passwords for different users. You can use the elasticsearch-reset-password tool or the change passwords API to change passwords for native users and built-in users, such as the elastic or kibana_system users.

For example, the following command changes the password for a user with the username user1 to an auto-generated value, and prints the new password to the terminal:

  1. bin/elasticsearch-reset-password -u user1

To explicitly set a password for a user, include the -i parameter with the intended password.

  1. bin/elasticsearch-reset-password -u user1 -i <password>

If you’re working in Kibana or don’t have command-line access, you can use the change passwords API to change a user’s password:

  1. resp = client.security.change_password(
  2.     username="user1",
  3.     password="new-test-password",
  4. )
  5. print(resp)
  1. const response = await client.security.changePassword({
  2.   username: "user1",
  3.   password: "new-test-password",
  4. });
  5. console.log(response);
  1. POST /_security/user/user1/_password
  2. {
  3.   "password" : "new-test-password"
  4. }