Hyland Connect

andersg · ‎03-20-2009

having a well-known username/password for the alfresco database does seem like a security concern to me. I guess there are no problems changing the password to something else? What do you all do? Use default or change?

ssaravanan · ‎03-20-2009

In the production environment ofcourse everyone will have their own passwords
set up for security reasons.
During development its better to stick with the defaults, so that u don't
need to edit any configs, just use the config out of the box

andersg · ‎03-20-2009

Yes, but that was not what I asked. I asked about the password Alf uses to access the database.

cliffords · ‎03-20-2009

It goes without saying that if you're install is publicly accessible then don't use the default passwords. Of course you would change them. I'd personally change the default username as well so a script kiddie can't come by and try a dictionary password crack on your admin area.

bashmaq · ‎03-20-2009

having a well-known username/password for the alfresco database does seem like a security concern to me. I guess there are no problems changing the password to something else? What do you all do? Use default or change?

Just find custom-repository.properties file in extensions folder, and change everything you need - db.username and db.password properties. Of course you will have to change these seettings in you external database also.

andersg · ‎03-21-2009

OK. I was just a bit wary, since sometimes you have to spelunk around a million xml files and change there too. Had that problem with Share since I had to change the port from 8080. I also had some really weird problems where tomcat would claim that the port was taken, no matter what. Turned out that stopping alfresco left the Java process hanging.

Hyland Connect

Change default database password?