Security Question around the Default User

Foros de discusión

David Torre, modificado hace 12 años.

Security Question around the Default User

New Member Mensajes: 4 Fecha de incorporación: 25/03/11 Mensajes recientes

Greetings.

I'm writing a security hardening guide for Liferay, and noticed that the default install has a user named "default@liferay.com" with a password of "password" and passwordEncrypted = 0 in the SQL DB. I verified that the user cannot login using said credentials, but now I'm kind of curious as to why? Is it due to some internal code that prevents an interactive login from this user?

Also, is it safe to completely remove this row in the SQL DB?

Kind regards,

Mika Koivisto, modificado hace 12 años.

RE: Security Question around the Default User

Liferay Legend Mensajes: 1519 Fecha de incorporación: 7/08/06 Mensajes recientes

Default user can never login and no it's not safe to delete any rows from the DB directly.