diff --git a/HANDBOOK.md b/HANDBOOK.md
index 543b041e..e14f975b 100644
--- a/HANDBOOK.md
+++ b/HANDBOOK.md
@@ -66,7 +66,7 @@ plugins.security.nodes_dn_dynamic_config_enabled: true
 Allow connections from follower cluster on the leader as follows
 
 ```bash
-curl -k -u admin:admin -XPUT "https://${LEADER}/_plugins/_security/api/nodesdn/follower" \
+curl -k -u admin:<admin password> -XPUT "https://${LEADER}/_plugins/_security/api/nodesdn/follower" \
 -H 'Content-type: application/json' \
 -d'{"nodes_dn": ["CN=follower.example.com"]}'
 ```
diff --git a/build.gradle b/build.gradle
index 5b671ff1..7d7c0846 100644
--- a/build.gradle
+++ b/build.gradle
@@ -35,6 +35,7 @@ import org.opensearch.gradle.test.RestIntegTestTask
 
 buildscript {
     ext {
+        System.setProperty("OPENSEARCH_INITIAL_ADMIN_PASSWORD", "myStrongPassword123!")
         isSnapshot = "true" == System.getProperty("build.snapshot", "true")
         opensearch_version = System.getProperty("opensearch.version", "2.12.0-SNAPSHOT")
         buildVersionQualifier = System.getProperty("build.version_qualifier", "")
@@ -430,7 +431,7 @@ def configureCluster(OpenSearchCluster cluster, Boolean securityEnabled) {
         }
         CrossClusterWaitForHttpResource wait = new CrossClusterWaitForHttpResource(protocol, cluster.getFirstNode().getHttpSocketURI(), cluster.nodes.size())
         wait.setUsername("admin")
-        wait.setPassword("admin")
+        wait.setPassword(System.getProperty("OPENSEARCH_INITIAL_ADMIN_PASSWORD"))
         return wait.wait(500)
     }
 
@@ -683,6 +684,7 @@ clusters.each { name ->
             if (securityEnabled) {
                 plugin(provider(securityPluginOld))
                 cliSetup("opensearch-security/install_demo_configuration.sh", "-y")
+
             }
             // Currently fetching the ARCHIVE distribution fails on mac as it tries to fetch the Mac specific "DARWIN" distribution
             // for Opensearch which is not publish yet. Changing this to INTEG_TEST to make it work on mac.
diff --git a/scripts/integtest.sh b/scripts/integtest.sh
old mode 100755
new mode 100644
index 1a0498ae..464108c7
--- a/scripts/integtest.sh
+++ b/scripts/integtest.sh
@@ -70,9 +70,16 @@ then
   SECURITY_ENABLED="true"
 fi
 
+IFS='.' read -ra version_array <<< "$OPENSEARCH_VERSION"
+
 if [ -z "$CREDENTIAL" ]
 then
-  CREDENTIAL="admin:admin"
+  # Starting in 2.12.0, security demo configuration script requires an initial admin password
+  if (( ${version_array[0]} > 2 || (${version_array[0]} == 2 && ${version_array[1]} >= 12) )); then
+    CREDENTIAL="admin:myStrongPassword123!"
+  else
+    CREDENTIAL="admin:admin"
+  fi
 fi
 
 USERNAME=`echo $CREDENTIAL | awk -F ':' '{print $1}'`
@@ -118,4 +125,4 @@ else
     TRANSPORT_PORT="9300"
   fi
   ./gradlew singleClusterSanityTest -Dfollower.http_host="$BIND_ADDRESS:$BIND_PORT" -Dfollower.transport_host="$BIND_ADDRESS:$TRANSPORT_PORT" -Dsecurity_enabled=$SECURITY_ENABLED -Duser=$USERNAME -Dpassword=$PASSWORD --console=plain
-fi
+fi
\ No newline at end of file