You might find yourself in the same situation like me, you try to add a new server to your farm but after trying all the passphrases in your mind it seems like none of them work. Hope this happens on your test farm and not on the production one and not because you cannot fix it but this might signal other problems with the way you manage your farm, with your configuration management.
In order to change the Farm PassPhrase you need to log in to one of your farm servers and open SharePoint 2010 Management Shell in admin mode(right click Powershell and select Run as administrator).
The two cmdlets you will use are:
ConvertTo-SecureString Link to TechNet site
Set-SPPassPhrase Link to TechNet site
The Set-SPPassPhrase cmdlet is used to change the PassPhrase but it takes a secure string as parameter. In order to do that you will first have to define a secure string using:
$NewPassPhrase = ConvertTo-SecureString -asPlainText -Force -string YOUR_OWN_STRING
The string needs to be(if the default settings are used):
“at least 8 characters; contains at least three of the following
four character groups: English uppercase characters (A through Z); English lowe
rcase characters (a through z); Numerals (0 through 9); Non-alphabetic characte
rs (such as !, $, #, %). Type a passphrase which meets these requirements. “
Please replace YOUR_OWN_STRING with…you guessed it your own string which will become the new PassPhrase. This cmdlet converts your string from plain text to a secure string. $NewPassPhrase will take the value of this secure string during your powershell session.
In order to change the PassPhrase to your new secure string defined before you will use:
Set-SPPassPhrase -PassPhrase $NewPassPhrase
It will automatically prompt you to insert the string configured before even if you do not use the -confirm switch.
It will ask you to confirm your action by selecting Y and hitting enter.
This cmdlet will change the PassPhrase on all of your farm servers. If for whatever reason you want or you have to do it on each server use the -LocalServerOnly when you run the Set-SPPassPhrase cmdlet(ex: Set-SPPassPhrase -PassPhrase $NewPassPhrase -LocalServerOnly).
Now keep track of this new Farm PassPhrase in a secure place.