The first question that should be answered when setting the security strategy is: Can anonymous users browse the SonarQube instance or must authentication be required? To force user authentication, log in as a System administrator and go to Settings > General Settings > Security and set the Force user authentication property to
true. To allow users to sign up for a SonarQube account, set the Allow users to sign up property to
A user is a set of basic information: login, password, name and email.
To create a new user, go to Setting > Users > Add new user:
To change your password, log in and go to My_Name > My Profile:
When the LDAP plugin is installed and activated, it is no longer possible for users to change their password. Then, only system administrators can do so through Settings > Users > Change password. Note that this password is only used when the LDAP server is not reachable and the authentication mechanism fall back to the SonarQube built-in mechanism.
When installing SonarQube, a default user with Administer System permission is created automatically:
In case you lost the
admin password of your SonarQube instance, you can reset it by executing the following query:
update users set crypted_password = '88c991e39bb88b94178123a849606905ebf440f5', salt='6522f3c5007ae910ad690bb1bdbf264a34884c6d' where login = 'admin'
This will reset the password to