View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0009379 | mantisbt | installation | public | 2008-07-12 10:36 | 2015-12-21 13:39 |
Reporter | marc | Assigned To | |||
Priority | normal | Severity | text | Reproducibility | always |
Status | acknowledged | Resolution | open | ||
Product Version | 1.1.2 | ||||
Summary | 0009379: Mention the default user/password after fresh installation | ||||
Description | After a sucessfull fresh installation, it says on admin/install.php:
After clicking on Continue, you are redirectede to the login screen and have no clue how to login now. It should mention the default user/password combination of administrator/root on the Install page. | ||||
Tags | No tags attached. | ||||
Actually, I have heard too much times the question "what is the default login/password after installation?" We probably need to add this info to the warning message we have now: You should disable the default "administrator" account or change its password. |
|
You may be right, since this will force the administrator to really go and change the password. However, the more conservative option is to show it on the installation page (big font). |
|
I know this is two years later - after successful install make the admin account login (auto or manual) with a forced password change of admin account. |
|
I think it would be difficult, once logged in, to force the the admin to create another user account. Probably a better and simpler approach would be to request the admin account's ID and password in the installer, and never create administrator / root in the first place. |
|
Option 1: I agree that including setting the default username / password in the installer would be a good thing. It will make sure that the user sets such name and password and that each instance will have a unique username for such administrator. Option 2: About a year ago I implemented 0016477 which redirects user to their account page and asks them to change their password after login. If we log the user in as part of installation, then clicking on the link to go to Mantis, can take them directly to change password page within the core product. Option 3: In the meantime, if we want a simple least change approach, we can show username / password when administrator default username/password are valid and # of issues in the database is 0. Extra query, but only if admin/root is enabled. I pretty much like these options in the order they are listed. |
|
Option 1 is the best option - it also doesnt enforce any types of specific design rules on the users. |
|
+1 on any of the options above. I've been using Mantis for many years and every time I do an install I need to Google the default admin username and password. This must be really confusing to new folks. |
|
Or read the manual |
|