<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
<style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>
</head>
<body dir="ltr">
<div id="divtagdefaultwrapper" style="font-size:12pt;color:#000000;background-color:#FFFFFF;font-family:Calibri,Arial,Helvetica,sans-serif;">
<p><br>
</p>
<p>Hi All,</p>
<p><br>
</p>
<p>Just to clarify a couple of things....</p>
<p><br>
</p>
<p>The staff UI forces you to make a password when you create a new user. <br>
</p>
<p>However, if you create a user via that api ( when logged in as an administrator ), you do not have to give a password.
<br>
</p>
<p><br>
</p>
<p>There are a use case for having users with blank passwords</p>
<p>( for example, if you want to have a script or service that interacts with the API ). Of course, you should actively monitor your users permissions.
<br>
</p>
<p><br>
</p>
<p>The migrators create users and assign permission as there were in AT/Archon. After running a migration, you should examine your users to make sure they migrated correctly, and reset their passwords.<br>
</p>
<p><br>
</p>
<p>Also, just to be clear, these aren't database users, but just ASpace users. <br>
</p>
<p><br>
</p>
<p>That said, sure, it's probably pretty easy feature if we wanted to have the ability to enforce some kind of password strength policy. Could be done as a plugin, even...</p>
<p><br>
</p>
<p>Password reset is also doable, but it slightly tricky...most reset features require access to a mail server, which ASpace currently doesn't have. Again, not rocket science, but would be an additional thing thrown into the mix ( and, also another security
attack vector ). Or maybe we could think of an alternative reset that doesn't use a mail server?
<br>
</p>
<p><br>
</p>
<p>But yeah, again let me know if you have any questions...<br>
</p>
<p><br>
</p>
<p>best, Chris. <br>
</p>
<p><br>
</p>
<div id="Signature">
<div name="divtagdefaultwrapper" style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:; margin:0">
<div class="BodyFragment"><font size="2">
<div class="PlainText">Chris Fitzpatrick | <font size="2">Developer, ArchivesSpace</font><br>
Skype: chrisfitzpat | Phone: 918.236.6048<br>
http://archivesspace.org/<br>
</div>
</font></div>
</div>
</div>
<br>
<br>
<div style="color: rgb(0, 0, 0);">
<hr tabindex="-1" style="display:inline-block; width:98%">
<div id="divRplyFwdMsg" dir="ltr"><font style="font-size:11pt" face="Calibri, sans-serif" color="#000000"><b>From:</b> archivesspace_users_group-bounces@lyralists.lyrasis.org <archivesspace_users_group-bounces@lyralists.lyrasis.org> on behalf of Prom, Christopher
John <prom@illinois.edu><br>
<b>Sent:</b> Wednesday, February 10, 2016 6:25 PM<br>
<b>To:</b> Archivesspace Users Group<br>
<b>Subject:</b> Re: [Archivesspace_Users_Group] More admins, more problems</font>
<div> </div>
</div>
<div>Phil,
<div class=""><br class="">
</div>
<div class="">What you re suggesting makes good sense. We can clean up the documentation to address the security points. I suspect part of what happened here is the ‘aspace’ user issue was introduced inadvertently with the new code development, so simply
recommending it be deleted would be the main way forward. Unless it was created in some other way, but I am not sure how, since in the case of my DB, I was looking at a version that had ONLY be touched by the migrator.
<div class=""><br class="">
</div>
<div class="">Chris</div>
<div class=""><br class="">
<div>
<blockquote type="cite" class="">
<div class="">On Feb 10, 2016, at 8:44 AM, Suda, Phillip J <<a style="color: blue; text-decoration: underline;" href="mailto:psuda1@tulane.edu">psuda1@tulane.edu</a>> wrote:</div>
<br class="Apple-interchange-newline">
<div class="">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)" class="">
<div class="" lang="EN-US">
<div style="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D">Chris, all: </span></p>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D"> </span></p>
<p style="text-indent: 0.5in; margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D">I think that the Archon-to-ArchivesSpace migration documentation could be improved. I think it needs to be made explicit that all users will be migrated from Archon to ArchivesSpace. As you and I are both on the Migration
Sub-Committee, I think we could look at improving the documentation for migration (unless of course the user migration is altered). Also, I am not sure that user migration is a negative as long as users/passwords are managed. When I have migrated from Archon
to ArchivesSpace, I have deleted any users that would not be needed by staff and made sure passwords were altered. With all this being said, I do agree that a discussion about security should be had.
</span></p>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D"> </span></p>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D">Thanks, </span></p>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D"> </span></p>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D">Phil </span></p>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D"> </span></p>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D"> </span></p>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D"> </span></p>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D">Phillip Suda</span></p>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D">Systems Librarian</span></p>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D">Howard-Tilton Memorial Library</span></p>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D">Tulane University</span></p>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D"><a style="color: blue; text-decoration: underline;" href="mailto:psuda1@tulane.edu">psuda1@tulane.edu</a></span></p>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D">504-865-5607</span></p>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D"> </span></p>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D"> </span></p>
<div class="">
<div class="" style="border:none; border-top:solid #E1E1E1 1.0pt; padding:3.0pt 0in 0in 0in">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<b class="">From:</b> <a style="color: blue; text-decoration: underline;" href="mailto:archivesspace_users_group-bounces@lyralists.lyrasis.org">
archivesspace_users_group-bounces@lyralists.lyrasis.org</a> [<a style="color: blue; text-decoration: underline;" href="mailto:archivesspace_users_group-bounces@lyralists.lyrasis.org">mailto:archivesspace_users_group-bounces@lyralists.lyrasis.org</a>]
<b class="">On Behalf Of </b>Prom, Christopher John<br class="">
<b class="">Sent:</b> Wednesday, February 10, 2016 8:32 AM<br class="">
<b class="">To:</b> Archivesspace Users Group <<a style="color: blue; text-decoration: underline;" href="mailto:archivesspace_users_group@lyralists.lyrasis.org">archivesspace_users_group@lyralists.lyrasis.org</a>><br class="">
<b class="">Subject:</b> Re: [Archivesspace_Users_Group] More admins, more problems</p>
</div>
</div>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
</p>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
Thanks Mark, this is good to hear. <span class="" style="font-size:12.0pt"></span></p>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
</p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
I do think that a security review would be helpful. My concern here is not so much with the tool, as with the fact that the app allows there to be blank passwords, which makes me wonder if there are other security problems lurking somewhere. I know this issue
had come up several years ago, and I thought fixed at that time, but apparently crept back in.
</p>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
</p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
I also second the idea of an accessibility review. On the web team we have here, we have one person dedicated to accessibility issues, and it contributes immensely to the project as a whole to have a focus on this.</p>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
</p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
Chris</p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
</p>
<div class="">
<blockquote class="" style="margin-top:5.0pt; margin-bottom:5.0pt">
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
On Feb 9, 2016, at 9:07 PM, Custer, Mark <<a style="color: blue; text-decoration: underline;" href="mailto:mark.custer@YALE.EDU">mark.custer@YALE.EDU</a>> wrote:</p>
</div>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
</p>
<div class="">
<div class="">
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:10.0pt; font-family:"Tahoma",sans-serif">Chris, all:
</span></p>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:10.0pt; font-family:"Tahoma",sans-serif"> </span></p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:10.0pt; font-family:"Tahoma",sans-serif">Speaking as someone who isn't a security expert at all, I'd just point out that the two migration tools are not part of the ArchivesSpace core code -- also, I've felt really good with
how security is handled in the core code so far, although I do scratch my head at times with how global, repository, and user permissions and preferences function. Still, I have no clue why the migration tools would need to create an additional "system admin"
user during the migration process, but since they both do, I'd expect that the migration tools should at least remove those users after the migration, as you suggested, Chris. Since that's not the case, I just wanted to bring the issue up to a wider audience
again. Speaking of which, I'll make sure to post the same message to the Google Group tomorrow (but if anyone wants to beat me to it, feel free!).</span></p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:10.0pt; font-family:"Tahoma",sans-serif"> </span></p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:10.0pt; font-family:"Tahoma",sans-serif">All that said, I'm sure that code reviews, security audits, and the like would be extremely welcome -- ArchivesSpace is open-source software, after all! I'd also like to make a pitch
that an accessibility review be conducted for the staff interface, if a major one hasn't already been conducted, as I've heard from some staff members that they have a difficult time with the default styling (particularly with contrast and other visual elements),
but I'm loath to admit that we haven't done that yet. Perhaps other have?</span></p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:10.0pt; font-family:"Tahoma",sans-serif"> </span></p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:10.0pt; font-family:"Tahoma",sans-serif">Lastly, I'd actually say that my confidence with the software has only grown the more that I've used it and seen the amount of work that's gone into it in such a short amount of time already.
And I expect that the quality will only increase as more and more developers start pitching in with bug fixes and the like... but right now, the migration specialist position hasn't been refilled, and I don't believe there are any plans to do that (although
I'd recommend it, since my usual response is that the optimal number of staff is usually more than what you've got if you're growing, even though that's not a solution in and of itself, of course!).</span></p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:10.0pt; font-family:"Tahoma",sans-serif"> </span></p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:10.0pt; font-family:"Tahoma",sans-serif">Mark</span></p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:10.0pt; font-family:"Tahoma",sans-serif"> </span></p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:10.0pt; font-family:"Tahoma",sans-serif"> </span></p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:10.0pt; font-family:"Tahoma",sans-serif"> </span></p>
<div class="">
<div style="text-align: center; margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;" align="center">
<hr class="" align="center" size="2" width="100%">
</div>
<div id="divRpF631298" class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<b class=""><span class="" style="font-size:10.0pt; font-family:"Tahoma",sans-serif">From:</span></b><span class="" style="font-size:10.0pt; font-family:"Tahoma",sans-serif">
</span><a style="color: blue; text-decoration: underline;" href="mailto:archivesspace_users_group-bounces@lyralists.lyrasis.org"><span class="" style="font-size:10.0pt; font-family:"Tahoma",sans-serif">archivesspace_users_group-bounces@lyralists.lyrasis.org</span></a><span class="" style="font-size:10.0pt; font-family:"Tahoma",sans-serif">
[</span><a style="color: blue; text-decoration: underline;" href="mailto:archivesspace_users_group-bounces@lyralists.lyrasis.org"><span class="" style="font-size:10.0pt; font-family:"Tahoma",sans-serif">archivesspace_users_group-bounces@lyralists.lyrasis.org</span></a><span class="" style="font-size:10.0pt; font-family:"Tahoma",sans-serif">]
on behalf of Prom, Christopher John [</span><a style="color: blue; text-decoration: underline;" href="mailto:prom@illinois.edu"><span class="" style="font-size:10.0pt; font-family:"Tahoma",sans-serif">prom@illinois.edu</span></a><span class="" style="font-size:10.0pt; font-family:"Tahoma",sans-serif">]<br class="">
<b class="">Sent:</b> Tuesday, February 09, 2016 4:08 PM<br class="">
<b class="">To:</b> Archivesspace Users Group<br class="">
<b class="">Subject:</b> Re: [Archivesspace_Users_Group] More admins, more problems</span></p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
Mark, </p>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
</p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
Thanks for bringing this up. </p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
</p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
I just checked and in the case of the archon migrations, the asadmin user is not created. However, it does make a user ‘aspace’ and grants it full admin rights. Even worse, you can login as that user with NO password (i.e. field is blank). So, that one should
definitely be killed off manually or even better the migration tool should delete it when done.</p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
</p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
In addition, there is another problem with archon migrations, in that the migration tool takes ALL of the existing users from archon DBs, and migrates them into aspace as read only users with the same login, and no password. You can then login to the app
with the old users name and no password (field is blank) and can view but not edit data.</p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
</p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
All of the users the migration tool create are read only—but still this is a security problem since someone might be able to view restricted data or find a hack to get more permissions on the DB.</p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
</p>
</div>
<div class="">
<div class="">
<div class="">
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
As a related question, how is security handled generally in ASpace? Is it relying on an external security library, or bespoke code, or some combination of the two? </p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
</p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
The discovery of these types of things, in all honesty, does not engender confidence, and probably indicates the need for a thorough security audit. While the above problems can be cleaned up after the fact, not an ideal solution.</p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
</p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
Chris Prom</p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
Univeristy of Illinois Archives</p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<br class="">
<br class="">
</p>
<blockquote class="" style="margin-top:5.0pt; margin-bottom:5.0pt">
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
On Feb 9, 2016, at 2:39 PM, Custer, Mark <<a style="color: blue; text-decoration: underline;" href="mailto:mark.custer@yale.edu" target="_blank">mark.custer@yale.edu</a>> wrote:</p>
</div>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
</p>
<div class="">
<div class="">
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D">All,</span></p>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif; color:#1F497D"> </span><span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif"></span></p>
</div>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D">I wanted to send out a friendly reminder about admin accounts in ArchivesSpace (and this is coming strictly from an ArchivesSpace user’s perspective).</span></p>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif; color:#1F497D"> </span><span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif"></span></p>
</div>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D">As most are aware, when you install ArchivesSpace without any configuration changes, you wind up with a single admin account in ArchivesSpace that has a username equal to “<b class="">admin</b>” and a password set to be
the same. You’ll want to change this password to something else long before you go into production mode. For the most part, I think that people take care of this on or around day one, but if you can log into your ASpace application using that username and
password, you’ll want to update that password to something else that’s a lot more secure!</span></p>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif; color:#1F497D"> </span><span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif"></span></p>
</div>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D">Less well known is what happens when you use the migration tool to populate your ArchivesSpace database (I sent an email about this to the listserv way back on May 8, 2015, but I don’t know if what I’m about to describe
is documented anywhere else yet). If you’ve migrated to ArchivesSpace using the Archivists’ Toolkit migration tool (and I’m pretty sure this happens with the Archon tool, as well), then another admin user will be added to your database. This admin user will
have a username that’s equal to “<b class="">asadmin</b>”. I’m not actually sure why the migration tool creates another user (or if the current versions still do this), especially since you have to supply admin credentials to the migration tool to run against
the ASpace API, but I know that this happened during our migration process – and I’ve seen this phantom admin user account in other ArchivesSpace installations, as well. When we discovered this new user, we deleted it from our database immediately after our
final migration process.</span></p>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif; color:#1F497D"> </span><span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif"></span></p>
</div>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D">So, I’d like to ask everyone out there to check and see if they can login to their own ArchivesSpace with an “<b class="">asadmin</b>” account, whether you’re in production or not (the password is easy to guess, since it’s
the same as the default admin user’s password). If you can log in that way, I’d suggest deleting that user immediately!</span></p>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif; color:#1F497D"> </span><span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif"></span></p>
</div>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="color:#1F497D">Mark</span></p>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif; color:#1F497D"> </span><span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif"></span></p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif; color:#1F497D"> </span><span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif"></span></p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif; color:#1F497D"> </span><span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif"></span></p>
</div>
<div class="">
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif; color:#1F497D"> </span><span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif"></span></p>
</div>
</div>
</div>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif">_______________________________________________<br class="">
Archivesspace_Users_Group mailing list<br class="">
</span><a style="color: blue; text-decoration: underline;" href="mailto:Archivesspace_Users_Group@lyralists.lyrasis.org" target="_blank"><span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif">Archivesspace_Users_Group@lyralists.lyrasis.org</span></a><span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif"><br class="">
</span><a style="color: blue; text-decoration: underline;" href="https://urldefense.proofpoint.com/v2/url?u=http-3A__lyralists.lyrasis.org_mailman_listinfo_archivesspace-5Fusers-5Fgroup&d=BQMFAg&c=8hUWFZcy2Z-Za5rBPlktOQ&r=jGJMaTc-8I-z6_tkoj_Qyi4UF1KtYBfcz4s2Ly33jmw&m=JBM5eVzEZn8p99s9zqOEyqrU9PSic9qevEstgnoRq2s&s=Wn9kgsQlk3ScpDWo9h9qop9800isIJZ3prq0kEeKjmo&e="><span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif">http://lyralists.lyrasis.org/mailman/listinfo/archivesspace_users_group</span></a><span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif"></span></p>
</div>
</blockquote>
</div>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif"> </span></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif">_______________________________________________<br class="">
Archivesspace_Users_Group mailing list<br class="">
</span><a style="color: blue; text-decoration: underline;" href="mailto:Archivesspace_Users_Group@lyralists.lyrasis.org"><span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif">Archivesspace_Users_Group@lyralists.lyrasis.org</span></a><span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif"><br class="">
</span><a style="color: blue; text-decoration: underline;" href="https://urldefense.proofpoint.com/v2/url?u=http-3A__lyralists.lyrasis.org_mailman_listinfo_archivesspace-5Fusers-5Fgroup&d=BQMFAg&c=8hUWFZcy2Z-Za5rBPlktOQ&r=jGJMaTc-8I-z6_tkoj_Qyi4UF1KtYBfcz4s2Ly33jmw&m=JBM5eVzEZn8p99s9zqOEyqrU9PSic9qevEstgnoRq2s&s=Wn9kgsQlk3ScpDWo9h9qop9800isIJZ3prq0kEeKjmo&e="><span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif">http://lyralists.lyrasis.org/mailman/listinfo/archivesspace_users_group</span></a><span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif"></span></p>
</div>
</blockquote>
</div>
<p style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: "Calibri",sans-serif;">
<span class="" style="font-size:12.0pt; font-family:"Times New Roman",serif"> </span></p>
</div>
</div>
</div>
</div>
</div>
_______________________________________________<br class="">
Archivesspace_Users_Group mailing list<br class="">
<a style="color: blue; text-decoration: underline;" href="mailto:Archivesspace_Users_Group@lyralists.lyrasis.org">Archivesspace_Users_Group@lyralists.lyrasis.org</a><br class="">
http://lyralists.lyrasis.org/mailman/listinfo/archivesspace_users_group<br class="">
</div>
</blockquote>
</div>
<br class="">
</div>
</div>
</div>
</div>
</div>
</body>
</html>