Setting Passwords for the Master and Dual Master Keys

The base key owner, or a user who owns a regular key copy, can set the password for the master and dual master keys. Passwords must be set before master keys can be used.

To set passwords for master keys, you can either use the:

  • set encryption passwd command

  • Use the unattended start-up feature

  • (Master key only) the dataserver command

The set encryption command is:
set encryption passwd char_literal
	for key [dual] master
where:

  • char_literal – if the user is the key owner, this is the password that currently encrypts the base copy of the master or dual master key. If the user is not the key owner, this is the password that currently encrypts the user’s copy of the key.

Example – sets the password “MasterSecret” for the master key in database tdb1:
use tdb1
set encryption passwd 'MasterSecret' for key master

SAP ASE sets the password in the server memory for the database in which the master or dual master key is defined, and also records the identity of the user setting the password. Once set, the password is available for all access to the master key in the database.

Parent topic: Database-Level Master and Dual Master Keys