Android keystore password change

Question

I would like to change the password I use in my keystore for an android app that is already available in google play and I would like to know some things before I do it:

1) If I change the keystore password, could I continue using the same keystore for my uploaded app without any issue (I need to do this, this is why I ask)

2) Does changing my alias password has the same consequences?

3) How should I use keytool?

score 43 · Accepted Answer · edited Jan 02 '21 at 22:43

43

If you are using the same keystore for signing your application before pushing it to the play store, it should be fine.
Changing Keystore's password or alias password doesn't affect the way it is used to generate the signed apk.

In order to update the password using keytool:

Open cmd prompt
Browse to the location of the keytool / set the location of keytool in the path variable under the system variables and directly go to step 3
Run the following command:
keytool -keypass "previous password" -new "new password" -keystore "keystore location"

Security Note
As mentioned in vlz's comment below.
You should not include your password in the command because it'll be written to your command history (~/.bash_history).
Instead, you can use the below command (safely prompt for a password):
keytool -storepasswd -keystore "keystore location"

Recovery plan
Make sure to backup your keystore file first.

edited Jan 02 '21 at 22:43

ahmednabil88

13,263
9
45
80

answered Feb 05 '15 at 12:44

Saurabh Rajpal

1,427
8
13

Just another little thing if you know, I'm also try to change my alias password but it won't let me (maybe because I'm using a # on it i don't know): does it affect if I create a new alias with new password and use it instead? Maybe it is because my alias has a dot on it? – fapps Feb 05 '15 at 13:11
I am not sure about the reason about why it's not letting you change the password for the allias. But don't change the alias for sure. This will generate a different apk. For details regarding the same, you may refer to [this answer](http://stackoverflow.com/questions/5724631/understanding-keystore-certificates-and-alias/5724912#5724912) – Saurabh Rajpal Feb 05 '15 at 13:35
Well, it turns out that I don't know how to read and before asking me for the alias password I should be writing my keystore password. I wasn't doing that, so that was why I wasn't able to change it. Now everything is working fine. Thanks – fapps Feb 05 '15 at 14:30
Happy to know you resolved the issue.. Thanks to you too for accepting the answer.. Have a good day.. – Saurabh Rajpal Feb 05 '15 at 14:47
Is it possible to remove password of the keystore? – zionpi Jun 25 '15 at 07:44
AFAIK, the keystores normally don't work without password. If at all you need to do so, you may have to implement your own keystore logic by providing signing options in the logic while writing itself. You may google for such stuff maybe. Thanks! – Saurabh Rajpal Jun 26 '15 at 05:37
Can I create the new keystore file using the same name and same alias with different password ?? Is it work for update the app? – AngelJanniee Apr 06 '17 at 03:32
7

If you do not want to give the password in the command itself, simply do `keytool -storepasswd -keystore "keystore location"` – vlz Sep 03 '18 at 10:21
I strongly recommend making a backup of your keystore in case something goes wrong. – Tim Rasim Oct 24 '18 at 09:30
In case you didn't see the Security note, you can at least delete those lines from your bash history using the history -d command https://unix.stackexchange.com/a/275101/247515 – Gandalf458 Sep 05 '19 at 19:22

David Schumann · Answer 2 · 2020-04-07T13:10:45.310

The usage of keytool might have changed in the past years. What worked for me was:

To change the password of an alias inside a store:

keytool -keypasswd -keystore pathToKeystoreFile -alias yourAlias -keypass oldAliasPassword -storepass oldStorePassword -new newAliasPassword

To change the password of your keystore file:

keytool -storepasswd -keystore pathToKeystoreFile -storepass oldStorePassword -new newStorePassword

PSA: Make sure to backup your keystore file first in case you accidentally introduce any typos!

abumalick · Answer 3 · 2020-10-20T20:42:58.557

17

We don't want to type the password as part of the command to avoid to store it in the shell history.

# Change the key password
keytool -keypasswd -alias "your_key_alias" -keystore "key_filename.key"
# Change the keystore password
keytool -storepasswd -keystore "key_filename.key"

edited Oct 20 '20 at 20:42

answered May 30 '19 at 17:15

abumalick

1,512
15
22

2

This should be the accepted answer, you don't want to be writing your passwords into part of the command like the previous answers suggest, they'll get stored in your bash history in cleartext – Mohamed Hafez Aug 24 '19 at 18:09

score 9 · Answer 4 · answered Feb 05 '15 at 12:13

9

I could change password as below:

keytool -keypasswd -alias "key alias" -keypass "previous password" -new "new password" -keystore "/../.android/debug.keystore"

answered Feb 05 '15 at 12:13

KOTIOS

10,974
3
34
61

But, is it safe to change it if I have uploaded an app to google play with it? – fapps Feb 05 '15 at 12:18

Android keystore password change

4 Answers4