IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.
« Set up basic security for the Elastic Stack plus secured HTTPS traffic Enabling cipher suites for stronger encryption »
Elastic Docs Elasticsearch Guide [8.15] Secure the Elastic Stack Manually configure security

Setting passwords for native and built-in users

edit

Setting passwords for native and built-in users

edit

After you implement security, you might need or want to change passwords for different users. You can use the elasticsearch-reset-password tool or the change passwords API to change passwords for native users and built-in users, such as the elastic or kibana_system users.

For example, the following command changes the password for a user with the username user1 to an auto-generated value, and prints the new password to the terminal:

bin/elasticsearch-reset-password -u user1

To explicitly set a password for a user, include the -i parameter with the intended password.

bin/elasticsearch-reset-password -u user1 -i <password>

If you’re working in Kibana or don’t have command-line access, you can use the change passwords API to change a user’s password:

resp = client.security.change_password(
    username="user1",
    password="new-test-password",
)
print(resp)
const response = await client.security.changePassword({
  username: "user1",
  password: "new-test-password",
});
console.log(response);
POST /_security/user/user1/_password
{
  "password" : "new-test-password"
}
« Set up basic security for the Elastic Stack plus secured HTTPS traffic Enabling cipher suites for stronger encryption »