• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Fixed Setup Administrator Password

Pereira

Well-known member
#1
When setting up the administrator account on the first install, I was able to hit "create administrator" without entering a password. There's no validation to ensure that a password has been entered.

When you try to log in with the username only, as expected, it says you need a password.
 
Last edited:

JVCode

Well-known member
#2
Yeah, this is a weird one, you can't proceed without entering username or email, but it doesn't require a password. hehe
 

Kier

XenForo Developer
Staff member
#3
Strictly speaking, this is by design, as we allow accounts with empty passwords (whereas an account is invalid without username and email), which can be useful in a test installation, but I'm going to take a quick look to see if it would be relatively easy to force a password to be entered.