Description
Background
The default admin/****** credentials in application.properties are well-known and can be exploited if unchanged. There is currently no mechanism to force users to change the password after the initial login.
Affected Code:
inlong-manager/.../application.properties:21-22
Proposed Fix
Implement a mandatory password-reset flow triggered on first login for the default admin account (and any account using the default password).
Acceptance Criteria
InLong Component
InLong Manager
Are you willing to submit PR?
Code of Conduct
Description
Background
The default
admin/******credentials inapplication.propertiesare well-known and can be exploited if unchanged. There is currently no mechanism to force users to change the password after the initial login.Affected Code:
inlong-manager/.../application.properties:21-22Proposed Fix
Implement a mandatory password-reset flow triggered on first login for the default
adminaccount (and any account using the default password).Acceptance Criteria
InLong Component
InLong Manager
Are you willing to submit PR?
Code of Conduct