Though it a very old question, how to reset the password (not knowing the old password) without using Supervisor?
I saw few threads discussing about this, and tools doing this stuff. Want to know how they are doing? Is it by using SDK? Or direct repository update using SQL? Does BO support if repository is updated using direct SQL?
That would be a massive security breach. 8) The password is encrypted with a hashing algorithm. Somewhere in the code is the “key” to that hash. Without that key, the could not decrypt the password. And I know that they are decrypting the password because you can snag it from the Supervisor screens with proper software.
But to make the password encryption available via the SDK would, in my opinion, present a security problem. So I believe that it is a good thing that you can’t fix a password problem via that route.
That is, BTW, why they nag you about creating a back-up general supervisor. Just for this very reason.
You can null out the password (via SQL) and then set a new one using whatever method you decide to use. Any direct manipulation of the repository (or direct access to the repository for that matter) can really be considered a security breach as well.
If you REALLY need to know how BO encrypts, I believe they are using DEC5 encryption. Probably doesn’t help a whole lot, but there it is.