All passwords are encoded within the WebSphere XML Configuration files such as resources.xml, security.xml etc.
In order to decode the passwords, you can use a freely available tool found at “http://www.sysman.nl/wasdecoder/”. Type in the encoded password without the {xor} when using this site.
Alternatively, you can use the PasswordDecoder classfile provided with WebSphere library. With WAS 6.1, the following command will do the trick.
java -classpath=WASHOME/deploytool/itp/plugins/com.ibm.websphere.v61_6.1.200/ws_runtime.jar com.ibm.ws.security.util.PasswordDecoder “password with {xor}”
(You need the double quotes around the password)
Enjoy