Updating user credentials is even easier than validating them. The IdentityManager interface provides the following two methods for updating credentials:

​void updateCredential(Account account, Object credential);
​void updateCredential(Account account, Object credential, Date effectiveDate, Date expiryDate);

Both of these methods essentially do the same thing; they update a credential value for a specified Account. The second overloaded method however also accepts effectiveDate and expiryDate parameters, which allow some temporal control over when the credential will be valid. Use cases for this feature include implementing a strict password expiry policy (by providing an expiry date), or creating a new account that might not become active until a date in the future (by providing an effective date). Invoking the first overloaded method will store the credential with an effective date of the current date and time, and no expiry date.

Let's take a look at a couple of examples. Here's some code demonstrating how a password can be assigned to user "jsmith":

​User user = BasicModel.getUser(identityManager, "jsmith");
​identityManager.updateCredential(user, new Password("abcd1234"));

This example creates a digest and assigns it to user "jdoe":

​User user = BasicModel.getUser(identityManager, "jdoe");
​Digest digest = new Digest();
​digest.setRealm("default");
​digest.setUsername(user.getLoginName());
​digest.setPassword("abcd1234");        
​identityManager.updateCredential(user, digest);