Foren
Security Question around the Default User
David Torre, geändert vor 12 Jahren.
Security Question around the Default User
New Member Beiträge: 4 Beitrittsdatum: 25.03.11 Neueste Beiträge
Greetings.
I'm writing a security hardening guide for Liferay, and noticed that the default install has a user named "default@liferay.com" with a password of "password" and passwordEncrypted = 0 in the SQL DB. I verified that the user cannot login using said credentials, but now I'm kind of curious as to why? Is it due to some internal code that prevents an interactive login from this user?
Also, is it safe to completely remove this row in the SQL DB?
Kind regards,
I'm writing a security hardening guide for Liferay, and noticed that the default install has a user named "default@liferay.com" with a password of "password" and passwordEncrypted = 0 in the SQL DB. I verified that the user cannot login using said credentials, but now I'm kind of curious as to why? Is it due to some internal code that prevents an interactive login from this user?
Also, is it safe to completely remove this row in the SQL DB?
Kind regards,
Mika Koivisto, geändert vor 12 Jahren.
RE: Security Question around the Default User
Liferay Legend Beiträge: 1519 Beitrittsdatum: 07.08.06 Neueste Beiträge
Default user can never login and no it's not safe to delete any rows from the DB directly.