diff --git a/maven-embedder/src/main/java/org/apache/maven/cli/CLIManager.java b/maven-embedder/src/main/java/org/apache/maven/cli/CLIManager.java
index bc95ca3e92..2449d9a245 100644
--- a/maven-embedder/src/main/java/org/apache/maven/cli/CLIManager.java
+++ b/maven-embedder/src/main/java/org/apache/maven/cli/CLIManager.java
@@ -92,6 +92,10 @@ public class CLIManager
 
     public static final String LOG_FILE = "l";
 
+    public static final String ENCRYPT_MASTER_PASSWORD = "emp";
+
+    public static final String ENCRYPT_PASSWORD = "ep";
+
     private Options options;
 
     @SuppressWarnings("static-access")
@@ -128,6 +132,8 @@ public CLIManager()
         options.addOption( OptionBuilder.withLongOpt( "also-make-dependents" ).withDescription( "If project list is specified, also build projects that depend on projects on the list" ).create( ALSO_MAKE_DEPENDENTS ) );
         options.addOption( OptionBuilder.withLongOpt( "log-file" ).hasArg().withDescription( "Log file to where all build output will go." ).create( LOG_FILE ) );
         options.addOption( OptionBuilder.withLongOpt( "show-version" ).withDescription( "Display version information WITHOUT stopping build" ).create( SHOW_VERSION ) );
+        options.addOption( OptionBuilder.withLongOpt( "encrypt-master-password" ).hasArg().withDescription( "Encrypt master security password" ).create( ENCRYPT_MASTER_PASSWORD ) );
+        options.addOption( OptionBuilder.withLongOpt( "encrypt-password" ).hasArg().withDescription( "Encrypt server password" ).create( ENCRYPT_PASSWORD ) );
         
         // Adding this back in for compatibility with the verifier that hard codes this option.
         
diff --git a/maven-embedder/src/main/java/org/apache/maven/cli/MavenCli.java b/maven-embedder/src/main/java/org/apache/maven/cli/MavenCli.java
index df811d3213..2627aacf5e 100644
--- a/maven-embedder/src/main/java/org/apache/maven/cli/MavenCli.java
+++ b/maven-embedder/src/main/java/org/apache/maven/cli/MavenCli.java
@@ -30,6 +30,11 @@
 import org.apache.maven.execution.MavenExecutionRequest;
 import org.apache.maven.execution.MavenExecutionResult;
 import org.codehaus.plexus.classworlds.ClassWorld;
+import org.sonatype.plexus.components.cipher.DefaultPlexusCipher;
+import org.sonatype.plexus.components.sec.dispatcher.DefaultSecDispatcher;
+import org.sonatype.plexus.components.sec.dispatcher.SecDispatcher;
+import org.sonatype.plexus.components.sec.dispatcher.SecUtil;
+import org.sonatype.plexus.components.sec.dispatcher.model.SettingsSecurity;
 
 /**
  * @author jason van zyl
@@ -160,6 +165,63 @@ else if ( debug || commandLine.hasOption( CLIManager.SHOW_VERSION ) )
             return 1;
         }
 
+        try
+        {
+            if ( commandLine.hasOption( CLIManager.ENCRYPT_MASTER_PASSWORD ) )
+            {
+                String passwd = commandLine.getOptionValue( CLIManager.ENCRYPT_MASTER_PASSWORD );
+
+                DefaultPlexusCipher cipher = new DefaultPlexusCipher();
+
+                System.out.println( cipher.encryptAndDecorate( passwd,
+                                                               DefaultSecDispatcher.SYSTEM_PROPERTY_SEC_LOCATION ) );
+
+                return 0;
+            }
+            else if ( commandLine.hasOption( CLIManager.ENCRYPT_PASSWORD ) )
+            {
+                String passwd = commandLine.getOptionValue( CLIManager.ENCRYPT_PASSWORD );
+
+                DefaultSecDispatcher dispatcher;
+                dispatcher = (DefaultSecDispatcher) mavenEmbedder.getPlexusContainer().lookup( SecDispatcher.class );
+                String configurationFile = dispatcher.getConfigurationFile();
+                if ( configurationFile.startsWith( "~" ) )
+                {
+                    configurationFile = System.getProperty( "user.home" ) + configurationFile.substring( 1 );
+                }
+                String file = System.getProperty( DefaultSecDispatcher.SYSTEM_PROPERTY_SEC_LOCATION, configurationFile );
+                mavenEmbedder.getPlexusContainer().release( dispatcher );
+
+                String master = null;
+
+                SettingsSecurity sec = SecUtil.read( file, true );
+                if ( sec != null )
+                {
+                    master = sec.getMaster();
+                }
+
+                if ( master == null )
+                {
+                    System.err.println( "Master password is not set in the setting security file" );
+
+                    return 1;
+                }
+
+                DefaultPlexusCipher cipher = new DefaultPlexusCipher();
+                String masterPasswd =
+                    cipher.decryptDecorated( master, DefaultSecDispatcher.SYSTEM_PROPERTY_SEC_LOCATION );
+                System.out.println( cipher.encryptAndDecorate( passwd, masterPasswd ) );
+
+                return 0;
+            }
+        }
+        catch ( Exception e )
+        {
+            CLIReportingUtils.showError( "FATAL ERROR: " + "Error encrypting password: " + e.getMessage(), e, showErrors );
+
+            return 1;
+        }
+
         MavenExecutionResult result = mavenEmbedder.execute( request );
 
         try