Dear Slashdot *cough*
What would be an effective mechanism to make sure the user changes the default password, without adapting your entire codebase around this single feature?
Suppose your webmail app has something like 123456 set as a default password. The app is pretty visible so potential crackers could easily just google for it. Although it's part of the user experience, it's plain silly to focus a large portion of your code on something you assume the user will/should do, which could save in about 5% code overhead in the end. A hint would be to not fill in the password in by default or indicate in any way that the user still is using the default password. Maybe a simple dialog reminder or just an italic section in the installation documention?
Amending the documentation is useless; it’s not even enough for plausible deniability on your part. You will need to write some code.
The simplest way to do deal with this is to put an “activated” flag on accounts. Do not allow logging into accounts with this flag set. If a user tries to and gives the right password, return a screen than lets them change the password, and when they do so, set the activation flag.
This avoids leaking complexity into other parts of the code; they can just continue to check for a logged-in user.
