Pleroma - about passwords

Hi all. Again, not a bug, just a heads-up for other users.

YNH-Pleroma’s use of passwords is a little strange. You have:

  • The “admin password” that you set on Pleroma’s pre-installation page in the Yunohost web panel. This is the one that cannot contain special characters. As far as I know, the only time it’s used after installation is to set up two-factor authentication. Using any other password for this won’t work.

  • The username and password of the Yunohost user who was selected to be the administrator for Pleroma, on the same page. These become the Pleroma admin account’s username and password on installation. The username also becomes the first part of the account’s webfinger (i.e. @user@instance.tld).

Also, I am not sure about this, but I think the Yunohost user’s password and the Pleroma admin account’s password are the same entity in the background. This means that if you change your Yunohost user’s password in the web admin or the command line, it should change your Pleroma password too… but I have not tried this to see what happens.
The ‘change password’ features in the Pleroma FE settings (the cog icon in the top right) and in Admin FE (the dial next to the cog) are buggy, and I suspect this is why – the passwords are changed from elsewhere. If you try to change your password using either of these methods, you’ll be logged out and your new password will be rejected as invalid, but it will accept your old password.

I’ve just tried it, and yes, they are the same entity in the background. Changing your Yunohost user’s password changes the password you use to log in to your Pleroma account.

Edit: I’ve learned that doing this causes the “admin password” (that you set just before installing Pleroma) to be rejected when using it to set up 2FA. I’ve reported this on Pleroma-ynh’s issues tracker on Github… as I don’t know what other password you’re supposed to use!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.