Cannot change password of initial user #619

New Issue

OVERLORD · 2026-02-04T20:35:21+03:00

OVERLORD commented

2026-02-04 20:35:21 +03:00

Originally created by @alzeebum on GitHub (Dec 14, 2024).

Is this a feature for the backend or frontend?

Frontend

What would you like?

You should be able to change the initial administrative user's password, but you cannot. After installing with the Automated Installation and successfully logging in, the first thing I intended to do was change this password, as the one I entered into the console was intentionally simple. However the "Users" list is empty, and there is no way to change the password in the "profile" section.

It appears the only supported way to change this password is through some backend console magic I am trying to figure out.

Why is this needed?

Changing passwords regularly is basic security policy.

Other information

No response

Originally created by @alzeebum on GitHub (Dec 14, 2024). ### Is this a feature for the backend or frontend? Frontend ### What would you like? You should be able to change the initial administrative user's password, but you cannot. After installing with the Automated Installation and successfully logging in, the first thing I intended to do was change this password, as the one I entered into the console was intentionally simple. However the "Users" list is empty, and there is no way to change the password in the "profile" section. It appears the only supported way to change this password is through some backend console magic I am trying to figure out. ### Why is this needed? Changing passwords regularly is basic security policy. ### Other information _No response_

OVERLORD commented

2026-02-04 20:35:26 +03:00

@meltyshev commented on GitHub (Dec 14, 2024):

Hi! Thanks for reporting this.

I’m not entirely sure how the automatic installer handles this, but the password cannot be changed because the initial user is defined in the environment variables (in the docker-compose.yml file).

To fix this, you need to remove the DEFAULT_ADMIN_* lines from /opt/planka/docker-compose.yml and restart the container. Once done, the default admin user should be fully editable.

@meltyshev commented on GitHub (Dec 14, 2024): Hi! Thanks for reporting this. I’m not entirely sure how the automatic installer handles this, but the password cannot be changed because the initial user is defined in the environment variables (in the `docker-compose.yml` file). To fix this, you need to remove the `DEFAULT_ADMIN_*` lines from `/opt/planka/docker-compose.yml` and restart the container. Once done, the default admin user should be fully editable.

OVERLORD commented

2026-02-04 20:35:32 +03:00

@alzeebum commented on GitHub (Dec 14, 2024):

Hi! Thanks for reporting this.

I’m not entirely sure how the automatic installer handles this, but the password cannot be changed because the initial user is defined in the environment variables (in the docker-compose.yml file).

To fix this, you need to remove the DEFAULT_ADMIN_* lines from /opt/planka/docker-compose.yml and restart the container. Once done, the default admin user should be fully editable.

Hey Maksim,

There are no config entries with such names, or anything beginning with DEFAULT_, in the /opt/planka/docker-compose.yml on the host. During the automated install you are prompted for the user details by what appears to be a shell script, I don't know where they go from there.

EDIT: Nevermind, there's an .env there with them inside.

@alzeebum commented on GitHub (Dec 14, 2024): > Hi! Thanks for reporting this. > > I’m not entirely sure how the automatic installer handles this, but the password cannot be changed because the initial user is defined in the environment variables (in the `docker-compose.yml` file). > > To fix this, you need to remove the `DEFAULT_ADMIN_*` lines from `/opt/planka/docker-compose.yml` and restart the container. Once done, the default admin user should be fully editable. Hey Maksim, There are no config entries with such names, or anything beginning with `DEFAULT_`, in the /opt/planka/docker-compose.yml on the host. During the automated install you are prompted for the user details by what appears to be a shell script, I don't know where they go from there. EDIT: Nevermind, there's an `.env` there with them inside.

OVERLORD commented

2026-02-04 20:35:36 +03:00

@alzeebum commented on GitHub (Dec 14, 2024):

However, deleting those entries from the .env file and restarting with docker-compose restart does not make the user editable and in fact it reverted my password back to the initial one after I'd changed it via the instructions in the issue 327. I am continuing to investigate.

@alzeebum commented on GitHub (Dec 14, 2024): However, deleting those entries from the .env file and restarting with `docker-compose restart` does not make the user editable and in fact it reverted my password back to the initial one after I'd changed it via the instructions in the issue 327. I am continuing to investigate.

OVERLORD commented

2026-02-04 20:35:48 +03:00

@meltyshev commented on GitHub (Dec 14, 2024):

There are no config entries with such names, or anything beginning with DEFAULT_, in the /opt/planka/docker-compose.yml on the host. During the automated install you are prompted for the user details by what appears to be a shell script, I don't know where they go from there.

EDIT: Nevermind, there's an .env there with them inside.

Oops, you're right!

However, deleting those entries from the .env file and restarting with docker-compose restart does not make the user editable and in fact it reverted my password back to the initial one after I'd changed it via the instructions in the issue 327. I am continuing to investigate.

Hmm, it seems these variables are either defined somewhere else or redefined after the restart. I'll check now to see how it works.

@meltyshev commented on GitHub (Dec 14, 2024): > There are no config entries with such names, or anything beginning with `DEFAULT_`, in the /opt/planka/docker-compose.yml on the host. During the automated install you are prompted for the user details by what appears to be a shell script, I don't know where they go from there. > > EDIT: Nevermind, there's an `.env` there with them inside. Oops, you're right! > However, deleting those entries from the .env file and restarting with `docker-compose restart` does not make the user editable and in fact it reverted my password back to the initial one after I'd changed it via the instructions in the issue 327. I am continuing to investigate. Hmm, it seems these variables are either defined somewhere else or redefined after the restart. I'll check now to see how it works.

OVERLORD commented

2026-02-04 20:35:50 +03:00

@alzeebum commented on GitHub (Dec 14, 2024):

I may have misspoke earlier. The default admin user still does not appear in the users list when clicking the little people icon, but I can change the password and username now. The first point is weird but not terribly important I suppose.

@alzeebum commented on GitHub (Dec 14, 2024): I may have misspoke earlier. The default admin user still does not appear in the users list when clicking the little people icon, but I can change the password and username now. The first point is weird but not terribly important I suppose.

OVERLORD commented

2026-02-04 20:35:57 +03:00

@meltyshev commented on GitHub (Dec 14, 2024):

Ah, that's expected. This user is the current user and can only be changed through the own settings with confirmation of the current password. However, it might be less confusing if it was displayed there but restricted from being deleted 🤔

@meltyshev commented on GitHub (Dec 14, 2024): Ah, that's expected. This user is the current user and can only be changed through the own settings with confirmation of the current password. However, it might be less confusing if it was displayed there but restricted from being deleted 🤔

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/planka#619