From the Tools screen select "Change password”.
We recommend using a unique random password over 14 characters in length to reduce the possibility of a successful offline brute force attack against the wallet files.
Many people find the use of dedicated password management software to be very helpful. You may wish to explore the use of
When a password change occurs several files are updated. This section provides details on what goes on.
The rolling backups are not updated as they are expected to "roll-off" over the course of time. If there was a failure to change the password having the old backups available to the old password allows for automatic recovery. In the event of a successful password change a new one is created.
The zip backups are encrypted with the wallet words based AES key which does not change when the password changes. It is stored in the YAML and is encrypted with the wallet password so the encrypted bytes change (new password) but the actual unencrypted value does not change.
Any external files associated with BIP70 payment protocol are re-encrypted with the new password. The general process is to decrypt them with the old password, encrypt them with the new, decrypt with the new to verify correct contents and finally write the encrypted bytes to the disk.