@tbr okay I am going to say this: default credentials should always be randomly generated on deploy. As in, yes, it is the sysadmin's responsibility to change them, *but* the software should also not set admin:admin and such.

Defense in depth.

Sign in to participate in the conversation

Follow friends and discover new ones. Publish anything you want: links, pictures, text, video. This server is run by the main developers of the Mastodon project. Everyone is welcome as long as you follow our code of conduct!