Overall System Status:
Do not share the password for your PKI certificate with anyone. However, it must be easy enough for you to remember because the password used to protect a certificate is only known on your computer or eToken (depending upon where your certificate is stored) and cannot be recovered by your local computer support staff.
Encrypting a file and then finding out you are unable to decrypt it is a painful experience. It is very important to create a password you will remember. Select your password very carefully in advance of obtaining your key pair and certificate.
Some password do's and don'ts:
To reset the current password for the certificate on your eToken, plug the eToken into a Windows computer that has the eToken software installed on it. Click Start, Programs, eToken, then eToken Properties. Click the Change Password button. In the Current Token Password field, enter the password currently on the token. (Only bullets will appear so that someone looking over your shoulder cannot see what you are typing.) In the New Token Password field, enter the new password you want for the certificate on the eToken. In the Confirm Token Password field, enter the same new password. If what you entered in the New Token Password field is the same as what you entered in the Confirm Token Password field, the OK button will become active. Click OK; your certificate password will be changed.
If you do not remember your current password, the eToken will need to be reformatted and a new certificate installed in order to change the password.
If you are using Internet Explorer on a Windows computer, passwords that protect certificates are set when the certificate is created or imported. Each certificate can have a separate password. Software certificates are stored in the registry. There is no explicit feature for changing the password. A password can be changed by exporting the certificate with the Certificate Export Wizard, then re-importing the key, changing the Wizard's options to set a new password. You can access the Wizard by selecting Internet Options from the Tools menu. Select the Content tab, then click the Certificates button. Select the certificate and click the Export button. To reload the certificate, click the Import button.
The Firefox and Netscape browsers provide their own certificate store in the file system. Each user profile has one password used to unlock the certificate store for that user profile. If you do not know the master password, the computer can be reset, but this operation will delete the user certificates stored on the computer.
Select Options from the Tools menus (or Preferences from the Firefox menu on Mac OS X) and select the Privacy tab (Windows) or the Security tab (Macintosh or for both platform versions of Firefox 2.0). Click the Set Master Password button after checking the Remember Passwords or Use a Master Password box, then enter and verify a password, then click OK.
Note: An existing password can be changed, provided the previous password is known.
Select Preferences from the Edit menu and open the Privacy & Security section in the left column.
To change the master password,
To reset the master password,
Last Updated: 1/28/10