Get rid of default login credentials
Right now we have to explain to all people installing GitLab that they have to submit
password to login initially.
There are three disadvantages:
- It is a hurdle when installing GitLab
- We have to unlearn the previous credential
5iveL!fethat can be found all over the internet
- Having a default password looks insecure (it is ascetic since you have to change it on login)
Can we hotwire Devise so the first screen you see after installation is to set a new root password? This screen would have two fields, password and confirmation, there is no field for the old password.
- Make installing GitLab easier
- Prevent the user searching the net and fining old credentials
- Would not look insecure
What needs to happen:
- On new installations drop people in the root password reset screen without needing to login with default credentials
- Preserve the existing option to set a password for the first user through the command line, they than will not have to reset the password on login