This documentation contains work-in-progress information for future Elastic Stack and Cloud releases. Use the version selector to view supported release docs. It also contains some Elastic Cloud serverless information. Check out our serverless docs for more details.
« Set up basic security for the Elastic Stack plus secured HTTPS traffic Enabling cipher suites for stronger encryption »
Elastic Docs Elasticsearch Guide [master] Secure the Elastic Stack Manually configure security

Setting passwords for native and built-in users

edit

Setting passwords for native and built-in users

edit

After you implement security, you might need or want to change passwords for different users. You can use the elasticsearch-reset-password tool or the change passwords API to change passwords for native users and built-in users, such as the elastic or kibana_system users.

For example, the following command changes the password for a user with the username user1 to an auto-generated value, and prints the new password to the terminal:

bin/elasticsearch-reset-password -u user1

To explicitly set a password for a user, include the -i parameter with the intended password.

bin/elasticsearch-reset-password -u user1 -i <password>

If you’re working in Kibana or don’t have command-line access, you can use the change passwords API to change a user’s password:

resp = client.security.change_password(
    username="user1",
    password="new-test-password",
)
print(resp)
const response = await client.security.changePassword({
  username: "user1",
  password: "new-test-password",
});
console.log(response);
POST /_security/user/user1/_password
{
  "password" : "new-test-password"
}
« Set up basic security for the Elastic Stack plus secured HTTPS traffic Enabling cipher suites for stronger encryption »