Encodes a specified character expression (typically a password) and returns it as a character value with a prefix.

Return-type: CHARACTER

Applies to: SECURITY-POLICY system handle

Syntax

ENCODE-PASSWORD(password, prefix)
password
A CHARACTER expression containing the value to encode.
  • Must be at least one character in length.
  • Maximum length: 128 characters.
  • The AVM converts this value to UTF-8 before encoding to maintain consistency across code pages.
prefix
A case-sensitive character expression specifying the Encoding prefix.

The method returns the encoded password as a CHARACTER value, including the specified prefix.

If the prefix is invalid or the password is blank, the function raises an error.

If the password is the Unknown value (?), the function returns ?.

The output is compatible with values generated by the genpassword utility.

This example securely connects to the Sports2020 database using a user ID and a password that is encoded at runtime with the SECURITY-POLICY:ENCODE-PASSWORD() method and the ae2h6 encoding prefix.

DEFINE INPUT PARAMETER cUserID AS CHARACTER NO-UNDO.
DEFINE INPUT PARAMETER cPasswd AS CHARACTER NO-UNDO.

CONNECT C:\OpenEdge\WRK\db\Sports2020 
  VALUE( "-U " + cUserID +
        " -P " + SECURITY-POLICY:ENCODE-PASSWORD(cPasswd, "ae2h6"))
  -H dbserver -S 1900 NO-ERROR.

To avoid exposing passwords in plain text, store encoded values in a parameter file (.pf) instead of hardcoding them.

Use the VALIDATE-PASSWORD( ) method to verify that a cleartext password matches the encoded value.

The ENCODE-PASSWORD() method supports FIPS-compliant prefixes.