Security Question around the Default User

Fórum

David Torre, modificado 12 Anos atrás.

Security Question around the Default User

New Member Postagens: 4 Data de Entrada: 25/03/11 Postagens Recentes

Greetings.

I'm writing a security hardening guide for Liferay, and noticed that the default install has a user named "default@liferay.com" with a password of "password" and passwordEncrypted = 0 in the SQL DB. I verified that the user cannot login using said credentials, but now I'm kind of curious as to why? Is it due to some internal code that prevents an interactive login from this user?

Also, is it safe to completely remove this row in the SQL DB?

Kind regards,

Mika Koivisto, modificado 12 Anos atrás.

RE: Security Question around the Default User

Liferay Legend Postagens: 1519 Data de Entrada: 07/08/06 Postagens Recentes

Default user can never login and no it's not safe to delete any rows from the DB directly.