Enable authentication using the auth or keyFile settings. Use auth for standalone instances, and keyFile with replica sets and sharded clusters. keyFile implies auth and allows members of a MongoDB deployment to authenticate internally.
Authentication requires at least one administrator user in the admin database. You can create the user before enabling authentication or after enabling authentication.
Also consider the password hashing issue resolved after 2.2.
You can enable authentication using either of the following procedures, depending