Internal/system users` passwords

** On behalf of a user of Slack**

“Hi Folks,If I update a user password using dashboards password reset UI, will it also update the hash in internal_users.yml or just in .opendistro_security ?I cannot update the password for kibanaserver user and it has full access to .kibana index, meaning if a user logs in with kibanaserver then they can create and delete dashboards.
Is this expected behavior?”

Hi rishabh singh,

Password reset on UI will NOT update the internal_users.yml be sure to use / -backup my-backup-directory to back up your current configuration before and after changes in UI please see more here (pay attention to “A word of caution”) :

When it comes to kibanaserver user you can update the password in internal_users.yml see how to generate password hash here: YAML files - OpenSearch documentation , see how to Applying changes to configuration files here: Applying changes to configuration files - OpenSearch Documentation .

Let me know if you have any questions.