#204 closed defect (fixed)
Inconsistent treatment of blank passwords for superusers
| Reported by: | Owned by: | Adrian Holovaty | |
|---|---|---|---|
| Component: | Tools | Version: | |
| Severity: | normal | Keywords: | password blank superuser createsuperuser django-admin.py |
| Cc: | Triage Stage: | Accepted | |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
django-admin.py allows one to create a superuser with a blank password, but that password can't then be changed (eg to something non-blank) using the admin interface, because /admin/password_change/ demands that "Old password" be non-blank.
Suggested action: fix django-admin.py so blank superuser passwords aren't allowed.
Note:
See TracTickets
for help on using tickets.
(In [314]) Fixed #204 -- Changed 'django-admin createsuperuser' to disallow blank passwords