DefectDojo Cookbook: Reset Admin Password After Installation
One of the most popular after first DefectDojo run is “What the admin password is???”
If you didn’t set admin password before installation, then you may stuck because admin password was generated automatically and you do not know it.
There are several ways to update credentials and become able to login your DefectDojo instance.
Create new DefectDojo superuser
Go to the django-DefectDojo directory where used docker-compose.yml is placed:
$ cd django-DefectDojo
Run this command and create new django DefectDojo superuser:
$ sudo docker-compose exec uwsgi /bin/bash -c 'python manage.py createsuperuser' WARNING: The DD_ADMIN_PASSWORD variable is not set. Defaulting to a blank string. enabling audit logging patching TagDescriptor Popen(['git', 'version'], cwd=/app, universal_newlines=False, shell=None, istream=None) Popen(['git', 'version'], cwd=/app, universal_newlines=False, shell=None, istream=None) Username: admin2 Email address: Password: Password (again): Superuser created successfully.
After this you will be able to login with username admin2 and your new password.
Reset DefectDojo admin password
Reset admin password via Django and Docker-compose
Go to the django-DefectDojo directory where used docker-compose.yml is placed:
$ cd django-DefectDojo
Run command:
$ sudo docker-compose exec uwsgi /bin/bash -c 'python manage.py changepassword admin'
Be happy.
Reset admin password via Mysql and Docker
Run command
$ sudo docker ps
Find the DefectDojo mysql container, in my case it is django-defectdojo_mysql_1.
Enter into the DefectDojo mysql container shell
sudo docker exec -it django-defectdojo_mysql_1 bash
Run mysql client for local server
mysql
Execute commands in the mysql shell
use dojodb; UPDATE auth_user SET password='pbkdf2_sha256$36000$sT96yObJtsFk$F9YAJimsQqBXnff/QGLNTv100qhCNl/23hoBuNtSNZU=' WHERE username='admin'; quit;
Exit from the container shell and login to your DefectDojo instance with login admin and password admin.
