Description
What feature do you want to see added?
Hello
The current default database password (12345) poses an unnecessary security risk, even if the impact may seem minimal at first glance. Using such a universally known and trivial password makes misconfiguration more likely, especially for inexperienced server owners who may leave the default value unchanged. If a noob keeps 12345 as the default password, it can lead to a pwn of the database.
Introducing a dynamic, randomly generated default password would significantly reduce this risk by preventing accidental exposure and encouraging proper configuration. Even small improvements in default security practices can help protect servers and avoid avoidable vulnerabilities.
Sincerely,
The RoflSec team.
Are there any alternatives?
Maybe add at least a comment near the password in the file with a warning?
(But that's not enough and doesn't sound polished)
Anything else?
No response
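
A sketch of the first-run behaviour requested above, added here as an illustration and not taken from the project's code: if the config still holds the shipped `12345` (or an empty value), it is replaced with a password from the OS CSPRNG, while an operator-set value is left untouched. The `key=value` file format, the `db_password` key name and the function names are assumptions.

```python
import os
import secrets
import string
import tempfile

PLACEHOLDER = "12345"   # the shipped default named in the issue
KEY = "db_password"     # hypothetical config key (assumption)
ALPHABET = string.ascii_letters + string.digits  # no characters that need quoting


def generate_password(length: int = 32) -> str:
    """Return a password drawn from the OS CSPRNG (about 190 bits at length 32)."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def harden_config_text(text: str) -> tuple[str, bool]:
    """Replace a placeholder or empty db_password; keep operator-set values."""
    out, changed = [], False
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        # Commented-out lines do not match because their key starts with '#'.
        if sep and key.strip() == KEY and value.strip() in ("", PLACEHOLDER):
            line = f"{KEY}={generate_password()}"
            changed = True
        out.append(line)
    return "\n".join(out) + "\n", changed


def harden_config_file(path: str) -> bool:
    """Rewrite the file atomically if the default was present; return True if changed."""
    with open(path, encoding="utf-8") as fh:
        new_text, changed = harden_config_text(fh.read())
    if changed:
        # mkstemp creates the temp file readable by the owner only (0600 on POSIX).
        fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            fh.write(new_text)
        os.replace(tmp, path)  # atomic swap, so a crash never leaves a half-written config
    return changed
```

The generated value only helps if the database account itself is set to the same password; the config file is just the client side of the credential.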