From 8554e5261bf27fa3a1319b7e30da9c0deb2e34c1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marek=20Noco=C5=84?= <mnocon@users.noreply.github.com>
Date: Wed, 21 May 2025 16:08:47 +0200
Subject: [PATCH 1/4] Added information about ibexa:install prompting for new
 password

---
 docs/getting_started/install_ibexa_dxp.md          | 14 ++++++++++++++
 .../security/security_checklist.md                 |  1 +
 .../2_create_the_content_model.md                  |  2 +-
 docs/tutorials/generic_field_type/5_add_a_field.md |  2 +-
 .../1_get_a_starter_website.md                     |  2 +-
 5 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/docs/getting_started/install_ibexa_dxp.md b/docs/getting_started/install_ibexa_dxp.md
index 5da17ffe40..d3e2f8d5e8 100644
--- a/docs/getting_started/install_ibexa_dxp.md
+++ b/docs/getting_started/install_ibexa_dxp.md
@@ -273,6 +273,20 @@ php bin/console ibexa:graphql:generate-schema
 
 Before executing the command make sure that the database user has sufficient permissions.
 
+The installer will prompt you for a new password for the `admin` user.
+Make sure to use a [strong password](security_checklist.md#strong-passwords) meeting all the [password rules](passwords.md#password-rules).
+
+!!! note
+
+	In scenarios where entering the new password is not possible, for example in automated deployments and Continuous Integration environments, use the `--no-interaction` option to skip changing the password and keep the default one, `publish`.
+
+    ``` bash
+    php bin/console ibexa:install --no-interaction
+    php bin/console ibexa:graphql:generate-schema
+    ```
+
+    If doing so, [modify the password for the `admin` user](update_basic_user_data.md#change-password) before going live.
+
 ### Run post-installation script
 
 Run the post-installation script with the following command:
diff --git a/docs/infrastructure_and_maintenance/security/security_checklist.md b/docs/infrastructure_and_maintenance/security/security_checklist.md
index 0482dd15b9..ef67c43e3a 100644
--- a/docs/infrastructure_and_maintenance/security/security_checklist.md
+++ b/docs/infrastructure_and_maintenance/security/security_checklist.md
@@ -319,3 +319,4 @@ to receive notifications when a security fix is released in a GitHub-hosted depe
 - Enable logging for [[= product_name =]], the web server, any frontend proxies, and the database.
 - Monitor the logs for unusual and suspicious activity. Consider using log monitoring software to make this easier.
 - Consider using different accounts for manual administrative tasks and for the day-to-day running of your installation. You could for instance configure [[= product_name =]] to use a different database user than the one you use during upgrades. This can make it easier to filter out noise in your log monitoring solution.
+
diff --git a/docs/tutorials/beginner_tutorial/2_create_the_content_model.md b/docs/tutorials/beginner_tutorial/2_create_the_content_model.md
index 9108c520ab..cb564181b5 100644
--- a/docs/tutorials/beginner_tutorial/2_create_the_content_model.md
+++ b/docs/tutorials/beginner_tutorial/2_create_the_content_model.md
@@ -33,7 +33,7 @@ More than one Ride can visit the same Landmark, so it's similar to an N-N relati
 
 In this step you add the first content type, Ride.
 
-Go to the admin interface (`<yourdomain>/admin`) and log in with the default username: `admin` and the default password: `publish`. 
+Go to the admin interface (`<yourdomain>/admin`) and log in with the default username: `admin` using the password specified during installation.
 
 In the upper-right corner, click the avatar icon to unfold the drop-down menu and disable the [Focus mode]([[= user_doc =]]/getting_started/discover_ui/#focus-mode).
 
diff --git a/docs/tutorials/generic_field_type/5_add_a_field.md b/docs/tutorials/generic_field_type/5_add_a_field.md
index ab78608c3e..c1ef9bea15 100644
--- a/docs/tutorials/generic_field_type/5_add_a_field.md
+++ b/docs/tutorials/generic_field_type/5_add_a_field.md
@@ -5,7 +5,7 @@ description: Learn how to use your custom field type by adding a field to a cont
 # Step 5 - Add a new Point 2D field
 
 All actions in this step are done in the admin interface also called the back office.
-Go to the admin interface (`<yourdomain>/admin`) and log in with the default username: `admin` and the default password: `publish`.
+Go to the admin interface (`<yourdomain>/admin`) and log in with the default username: `admin` using the password specified during installation.
 
 ## Add new content type
 
diff --git a/docs/tutorials/page_and_form_tutorial/1_get_a_starter_website.md b/docs/tutorials/page_and_form_tutorial/1_get_a_starter_website.md
index 75148baaec..e654b0fdae 100644
--- a/docs/tutorials/page_and_form_tutorial/1_get_a_starter_website.md
+++ b/docs/tutorials/page_and_form_tutorial/1_get_a_starter_website.md
@@ -15,7 +15,7 @@ Get it by following the [Install Ibexa DXP](install_ibexa_dxp.md) guide.
 
 ## Add content types
 
-Log in to the back office – add `/admin` to your installation's address (`<yourdomain>/admin`) and log in using `admin` as the login and `publish` as the password.
+Log in to the back office – add `/admin` to your installation's address (`<yourdomain>/admin`) and log in as `admin` user using the password specified during installation.
 Disable the Focus mode, go to content types screen and (under the content category) add two content types with the following settings:
 
 ### Dog Breed

From 4827a04e0461d5d0a4320ae3c919626c27ad1a72 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marek=20Noco=C5=84?= <mnocon@users.noreply.github.com>
Date: Wed, 21 May 2025 16:30:21 +0200
Subject: [PATCH 2/4] Small adjustments

---
 docs/getting_started/install_ibexa_dxp.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/getting_started/install_ibexa_dxp.md b/docs/getting_started/install_ibexa_dxp.md
index d3e2f8d5e8..43d4b27802 100644
--- a/docs/getting_started/install_ibexa_dxp.md
+++ b/docs/getting_started/install_ibexa_dxp.md
@@ -278,14 +278,14 @@ Make sure to use a [strong password](security_checklist.md#strong-passwords) mee
 
 !!! note
 
-	In scenarios where entering the new password is not possible, for example in automated deployments and Continuous Integration environments, use the `--no-interaction` option to skip changing the password and keep the default one, `publish`.
+	In scenarios where entering the new password is not possible, for example in automated deployments and Continuous Integration environments, use the `--no-interaction` option to skip changing the password and keep the default one, `publish`:
 
     ``` bash
     php bin/console ibexa:install --no-interaction
     php bin/console ibexa:graphql:generate-schema
     ```
 
-    If doing so, [modify the password for the `admin` user](update_basic_user_data.md#change-password) before going live.
+    If doing so, [modify the password for the `admin` user](update_basic_user_data.md#change-password) before [going live with your project](security_checklist.md).
 
 ### Run post-installation script
 

From ac9485813eada20f0dd40276ed8a51fcd825db69 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marek=20Noco=C5=84?= <mnocon@users.noreply.github.com>
Date: Thu, 22 May 2025 17:19:39 +0200
Subject: [PATCH 3/4] Removed mention of default password

---
 docs/getting_started/first_steps.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/getting_started/first_steps.md b/docs/getting_started/first_steps.md
index 6b72a0dae3..3a0a21c825 100644
--- a/docs/getting_started/first_steps.md
+++ b/docs/getting_started/first_steps.md
@@ -33,7 +33,7 @@ module.exports = [ eZConfig, ibexaConfig, ...customConfigs ];
 
 ## Add a content type
 
-1\. In your browser, go to the back office: `<your_domain>/admin`, and use the default credentials to log in: `admin/publish`.
+1\. In your browser, go to the back office: `<your_domain>/admin`, and log in with the default username: `admin` using the password specified during installation.
 
 !!! caution "Password change"
 

From addf7ea64ad76631f0a754a4b5ed3227d7e4df52 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marek=20Noco=C5=84?= <mnocon@users.noreply.github.com>
Date: Fri, 23 May 2025 09:32:29 +0200
Subject: [PATCH 4/4] Update docs/getting_started/install_ibexa_dxp.md

Co-authored-by: julitafalcondusza <117284672+julitafalcondusza@users.noreply.github.com>
---
 docs/getting_started/install_ibexa_dxp.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/getting_started/install_ibexa_dxp.md b/docs/getting_started/install_ibexa_dxp.md
index 43d4b27802..52af843de4 100644
--- a/docs/getting_started/install_ibexa_dxp.md
+++ b/docs/getting_started/install_ibexa_dxp.md
@@ -278,7 +278,7 @@ Make sure to use a [strong password](security_checklist.md#strong-passwords) mee
 
 !!! note
 
-	In scenarios where entering the new password is not possible, for example in automated deployments and Continuous Integration environments, use the `--no-interaction` option to skip changing the password and keep the default one, `publish`:
+	In scenarios where entering the new password isn't possible, for example, in automated deployments and Continuous Integration environments, use the `--no-interaction` option to skip changing the password and keep the default one, `publish`:
 
     ``` bash
     php bin/console ibexa:install --no-interaction