Changing the Registry's Master Key
All passwords stored in a registry are encrypted by a master key. Note that the master key is created when you create the registry database during system configuration.
You can use the dcecp registry modify command with the -key option to change the registry's master key and to reencrypt all passwords with the new master key. Each replica (master and slave) maintains its own master key to access the data in its copy of the registry.
You should change each replica's master key on a regular basis. Before you run either program to do this, ensure that you are logged into an administrative account.
The following command line changes the master key and reencrypts all the passwords for the replica art_server_1:
dcecp> registry modify /.../giverny.com/subsys/dce/sec/art_server_1 -key
dcecp>