/
How do we better protect the default login accounts and ensure password changes?

How do we better protect the default login accounts and ensure password changes?

Owned by Trevor Vaughan
Last updated: Apr 07, 2016 by Chris TessmerVersion comment
StatusIN PROGRESS
StakeholdersChris Tessmer Rein, Gady E Judith Johnson Nicholas Markowski Jeanne Greulich Kendall Moore 
Outcome
Due date
OwnerTrevor Vaughan 

Background

It is possible for users to initially log into the system as `root` and possibly miss updating the `simp` user password.

I would like to propose that we move to providing a static `simp` user password from the ISO and randomizing the `root` password.

This would force the issue of updating the `root` password as well as the `simp` password with no possibility of failing to change either password at initial install.

Action items

  •