Use of passwords is an important security measure in Couchbase.
Couchbase Server supports several passwords:
- Administrative passwords for Couchbase administrators and LDAP administrators
- Bucket passwords to secure data access to each bucket
As a security best practice, choose passwords that are strong and periodically updated:
- To be strong, a password should have at least eight characters, including characters from three of the following five groups: lowercase letters; uppercase letters; numbers; symbols; unicode characters.
- Passwords should be rotated periodically, based on an organization's requirements.
- CRAM-MD5 is deprecated in Couchbase Server version 4.5. Use SCRAM-SHA enabled SDKs instead. See these two blogs for more information: http://blog.couchbase.com/2016/may/improved-security-couchbase-4.5-scram-sha, http://blog.couchbase.com/2016/watching-scram-authentication-in-java.
You can reset any forgotten administrative passwords using the couchbase-cli reset-admin-password command.