title: The ''password'' sub-command
role: manual
tags: #command #configuration #manual #zettelstore
syntax: zmk
back: 00001004050000 00001006020000
backward: 00001004050000 00001006020000 00001010040200
box-number: 1
copyright: (c) 2020-present by Detlef Stern <ds@zettelstore.de>
created: 20210126175322
forward: 00001006050000 00001010040200
lang: en
license: EUPL-1.2-or-later
modified: 20250102221851
published: 20250102221851
visibility: public

This sub-command is used to create a hashed password for users to be authenticated.

It reads a password from standard input (two times, both must be equal) and writes the hashed password to standard output.

The general usage is:

    zettelstore password IDENT ZETTEL-ID

`IDENT` is the identification for the user that should be authenticated.
`ZETTEL-ID` is the [identifier of the zettel](00001006050000) that later acts as a user zettel.

See [Creating a user zettel](00001010040200) for some background information.

An example:

    # zettelstore password bob 20200911115600
    Password:
       Again:
    credential: $2a$10$1q92v1Ya8Too5HD/4rKpPuCP8fZTYPochsC6DcY1T4JKwhSx8uLu6
    user-id: bob

This will produce a hashed password (&ldquo;credential&rdquo;) for the new user &ldquo;bob&rdquo; to be stored in zettel &ldquo;20200911115600&rdquo;.

You should copy the relevant output to the zettel of the user to be secured, especially by setting the meta keys `credential` and `user-id` to the copied values.

Please note that the generated hashed password is tied to the given user identification (`user-id`) and to the identifier of its zettel.
Changing one of these will prevent the user from being authenticated with the given password.
In this case you have to re-run this sub-command.