mirceaalexandru
commented
8 years ago We can force change password at first login as a solution for now and implement the client later.
The client you proposed is a great idea.
Open AdrianRossouw opened 8 years ago
mirceaalexandru
commented
8 years ago We can force change password at first login as a solution for now and implement the client later.
The client you proposed is a great idea.
mirceaalexandru
commented
8 years ago Related to #79 as the implementation to force changing password will be the same.
At the moment we are creating a default root user with a default password. This is incredibly insecure, since it requires additional action to change the password, which the user may not know to do, or be able to do because of not running the dashboard.
We need to remove the default user and create a cli to create this user.