diff --git a/confluent_client/VERSION b/confluent_client/VERSION
index 9faa1b7a..0ea3a944 100644
--- a/confluent_client/VERSION
+++ b/confluent_client/VERSION
@@ -1 +1 @@
-0.1.5
+0.2.0
diff --git a/confluent_client/confluent/client.py b/confluent_client/confluent/client.py
index b35caf19..77c4f302 100644
--- a/confluent_client/confluent/client.py
+++ b/confluent_client/confluent/client.py
@@ -55,9 +55,9 @@ class Command(object):
         else:
             self.authenticated = False
 
-    def authenticate(self, username, passphrase):
+    def authenticate(self, username, password):
         tlvdata.send(self.connection,
-                     {'username': username, 'passphrase': passphrase})
+                     {'username': username, 'password': password})
         authdata = tlvdata.recv(self.connection)
         if authdata['authpassed'] == 1:
             self.authenticated = True
diff --git a/confluent_server/VERSION b/confluent_server/VERSION
index 0ea3a944..0c62199f 100644
--- a/confluent_server/VERSION
+++ b/confluent_server/VERSION
@@ -1 +1 @@
-0.2.0
+0.2.1
diff --git a/confluent_server/confluent/config/attributes.py b/confluent_server/confluent/config/attributes.py
index b74a6367..1252abff 100644
--- a/confluent_server/confluent/config/attributes.py
+++ b/confluent_server/confluent/config/attributes.py
@@ -61,7 +61,7 @@ nic = {
 }
 
 user = {
-    'passphrase': {
+    'password': {
         'description':  'The passphrase used to authenticate this user'
     },
 }
@@ -255,7 +255,7 @@ node = {
                         'this class of protocols and SNMP and IPMI, snmp and '
                         'ipmi utilize dedicated values.'),
     },
-    'secret.hardwaremanagementpassphrase': {
+    'secret.hardwaremanagementpassword': {
         'description': ('Passphrase to be set and used by protocols like SSH '
                         'and HTTP, where client sends passphrase over the '
                         'network.  Given distinct security models between '
diff --git a/confluent_server/confluent/config/configmanager.py b/confluent_server/confluent/config/configmanager.py
index a75a157b..292cdca3 100644
--- a/confluent_server/confluent/config/configmanager.py
+++ b/confluent_server/confluent/config/configmanager.py
@@ -578,7 +578,7 @@ class ConfigManager(object):
         """
         user = self._cfgstore['users'][name]
         for attribute in attributemap:
-            if attribute == 'passphrase':
+            if attribute == 'password':
                 salt = os.urandom(8)
                 #TODO: WORKERPOOL, offload password set to a worker
                 crypted = KDF.PBKDF2(
@@ -1163,4 +1163,4 @@ except IOError:
 # group should get it then
 # rinse and repeat for set on node versus set on group
 # clear group attribute and assure than it becomes unset on all nodes
-# set various expressions
\ No newline at end of file
+# set various expressions
diff --git a/confluent_server/confluent/core.py b/confluent_server/confluent/core.py
index 976f68e4..96f2d4db 100644
--- a/confluent_server/confluent/core.py
+++ b/confluent_server/confluent/core.py
@@ -151,10 +151,10 @@ def show_user(name, configmanager):
     rv = {}
     for attr in attrscheme.user.iterkeys():
         rv[attr] = None
-        if attr == 'passphrase':
+        if attr == 'password':
             if 'cryptpass' in userobj:
-                rv['passphrase'] = {'cryptvalue': True}
-            yield msg.CryptedAttributes(kv={'passphrase': rv['passphrase']},
+                rv['password'] = {'cryptvalue': True}
+            yield msg.CryptedAttributes(kv={'password': rv['password']},
                                         desc=attrscheme.user[attr][
                                             'description'])
         else:
diff --git a/confluent_server/confluent/plugins/configuration/attributes.py b/confluent_server/confluent/plugins/configuration/attributes.py
index 91bf9337..59d6e719 100644
--- a/confluent_server/confluent/plugins/configuration/attributes.py
+++ b/confluent_server/confluent/plugins/configuration/attributes.py
@@ -20,7 +20,7 @@ import confluent.config.attributes as allattributes
 def retrieve(nodes, element, configmanager, inputdata):
     if nodes is not None:
         return retrieve_nodes(nodes, element, configmanager, inputdata)
-    elif element[0] == 'groups':
+    elif element[0] == 'nodegroups':
         return retrieve_nodegroup(
             element[1], element[3], configmanager, inputdata)
 
@@ -128,7 +128,7 @@ def retrieve_nodes(nodes, element, configmanager, inputdata):
 def update(nodes, element, configmanager, inputdata):
     if nodes is not None:
         return update_nodes(nodes, element, configmanager, inputdata)
-    elif element[0] == 'groups':
+    elif element[0] == 'nodegroups':
         return update_nodegroup(
             element[1], element[3], configmanager, inputdata)
     raise Exception("This line should never be reached")
diff --git a/confluent_server/confluent/plugins/hardwaremanagement/ipmi.py b/confluent_server/confluent/plugins/hardwaremanagement/ipmi.py
index e42eb9f1..71efa180 100644
--- a/confluent_server/confluent/plugins/hardwaremanagement/ipmi.py
+++ b/confluent_server/confluent/plugins/hardwaremanagement/ipmi.py
@@ -36,7 +36,7 @@ class IpmiCommandWrapper(ipmicommand.Command):
     def __init__(self, node, cfm, **kwargs):
         self._attribwatcher = cfm.watch_attributes(
             (node,),('secret.hardwaremanagementuser',
-                     'secret.hardwaremanagementpassphrase', 'secret.ipmikg',
+                     'secret.hardwaremanagementpassword', 'secret.ipmikg',
                      'hardwaremanagement.manager'), self._attribschanged)
         super(self.__class__, self).__init__(**kwargs)
 
@@ -61,8 +61,8 @@ def get_conn_params(node, configdata):
         username = configdata['secret.hardwaremanagementuser']['value']
     else:
         username = 'USERID'
-    if 'secret.hardwaremanagementpassphrase' in configdata:
-        passphrase = configdata['secret.hardwaremanagementpassphrase']['value']
+    if 'secret.hardwaremanagementpassword' in configdata:
+        passphrase = configdata['secret.hardwaremanagementpassword']['value']
     else:
         passphrase = 'PASSW0RD'  # for lack of a better guess
     if 'hardwaremanagement.manager' in configdata:
@@ -85,7 +85,7 @@ def get_conn_params(node, configdata):
 
 
 _configattributes = ('secret.hardwaremanagementuser',
-                     'secret.hardwaremanagementpassphrase',
+                     'secret.hardwaremanagementpassword',
                      'secret.ipmikg', 'hardwaremanagement.manager')
 
 
diff --git a/confluent_server/confluent/sockapi.py b/confluent_server/confluent/sockapi.py
index 72c59b41..b6c7f9fb 100644
--- a/confluent_server/confluent/sockapi.py
+++ b/confluent_server/confluent/sockapi.py
@@ -80,7 +80,7 @@ def sessionhdl(connection, authname, skipauth=False):
         tlvdata.send(connection, {'authpassed': 0})
         response = tlvdata.recv(connection)
         authname = response['username']
-        passphrase = response['passphrase']
+        passphrase = response['password']
         # note(jbjohnso): here, we need to authenticate, but not
         # authorize a user.  When authorization starts understanding
         # element path, that authorization will need to be called