Security Question around the Default User

Foren

David Torre, geändert vor 12 Jahren.

Security Question around the Default User

New Member Beiträge: 4 Beitrittsdatum: 25.03.11 Neueste Beiträge

Greetings.

I'm writing a security hardening guide for Liferay, and noticed that the default install has a user named "default@liferay.com" with a password of "password" and passwordEncrypted = 0 in the SQL DB. I verified that the user cannot login using said credentials, but now I'm kind of curious as to why? Is it due to some internal code that prevents an interactive login from this user?

Also, is it safe to completely remove this row in the SQL DB?

Kind regards,

Mika Koivisto, geändert vor 12 Jahren.

RE: Security Question around the Default User

Liferay Legend Beiträge: 1519 Beitrittsdatum: 07.08.06 Neueste Beiträge

Default user can never login and no it's not safe to delete any rows from the DB directly.