The initial password "cyan" is weak and easily exploited if the regular drupal auth is also enabled.
This patch sets the password to a unique random string.

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

moshe weitzman’s picture

Status: Needs review » Needs work

any reason we should not use user_password() like user.module does?

barry_johnson’s picture

None at all. I'm just a newbie to drupal and didn't realize it existed :-)

gaards’s picture

Issue summary: View changes
Status: Needs work » Closed (outdated)

This code snippet is not present in the current supported version (7.x) of Webserver authentication. I'm closing this issue.