How do we better protect the default login accounts and ensure password changes?
Status | In progress |
|---|---|
Stakeholders | @Chris Tessmer @Rein, Gady E @Judith Johnson @Nicholas Markowski @Jeanne Greulich @Kendall Moore |
Outcome | |
Due date | Apr 11, 2016 |
Owner | @Trevor Vaughan |
Background
It is possible for users to initially log into the system as `root` and possibly miss updating the `simp` user password.
I would like to propose that we move to providing a static `simp` user password from the ISO and randomizing the `root` password.
This would force the issue of updating the `root` password as well as the `simp` password with no possibility of failing to change either password at initial install.