Project

General

Profile

Actions
Copy link

Patch #3858

closed

Force the 'admin' account to change the default password

Added by Ian Wilson over 14 years ago. Updated about 8 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Accounts / authentication
Target version:
-
Start date:
2009-09-13
Due date:
% Done:

0%

Estimated time:

Description

It's considered generally good security practice to change the default user to something other than 'admin.' While I'm nowhere close to being a RoR expert (in fact, I think I'm a RoR n00b), this patch forces the default username (admin) to set a password on first login that isn't the password 'admin.'

I'd like someone to look at/review the patch, provide feedback, and, if the feedback is positive, consider inclusion into the development version of Redmine.

Thanks;

Ian

Files

Download all files
force_admin_password_change.diff (3.32 KB) force_admin_password_change.diff Diff file for trunk/dev version. Ian Wilson, 2009-09-13 03:35
force_admin_password_change_20150927.diff (565 Bytes) force_admin_password_change_20150927.diff Go MAEDA, 2015-09-27 04:13

Related issues

Related to Redmine - Feature #22381: Require password reset on initial setup for default admin accountClosedJean-Philippe Lang

Actions
Actions
Copy link

Also available in: Atom PDF