Modifying, Regenerating, and Deleting a Master Key

Modify existing passwords or regenerate the master key.

Use Change Password when a password is compromised.

Use Regenerate to periodically change key encryption keys (KEKs), which is recommended as good key management. The master or dual-master key is replaced with a new value and all column encryption keys that are encrypted by the master or dual-master keys are reencrypted.

  1. In the left pane of the Administration Console, expand ASE Servers > Security > Encryption Keys.
  2. Click Master Keys.
  3. Click the Name field of the master key, then click the drop-down arrow.
  4. (Optional) To change the master key:
    1. Select Change Password.
    2. Enter the old and new passwords, and confirm the new password.
    Note: If a key has key copies, you cannot modify the key to encrypt it with the system encryption password.
  5. (Optional) To set the master key, select Supply Password, and confirm it on the next screen.
  6. (Optional) To delete the master key, select Delete, and confirm it on the next screen.
  7. (Optional) To regenerate the master key:
    1. Select Regenerate.
    2. Enter the old and new passwords, and confirm the new password.
Related concepts
Dual Control and Split Knowledge
Related tasks
Creating a Master Key
Related reference
Master Key Properties