diff --git a/DNN Platform/Library/Entities/Urls/FriendlyUrlSettings.cs b/DNN Platform/Library/Entities/Urls/FriendlyUrlSettings.cs
index 3cec0fc7990..96918087623 100644
--- a/DNN Platform/Library/Entities/Urls/FriendlyUrlSettings.cs
+++ b/DNN Platform/Library/Entities/Urls/FriendlyUrlSettings.cs
@@ -340,7 +340,8 @@ public string DoNotIncludeInPathRegex
get
{
// 661 : do not include in path
- // 742 : was not reading and saving value when 'doNotIncludeInPathRegex' used
+ // 742 : was not reading and saving value when 'doNotIncludeInPathRegex' used
+ // FUTURE: DNN 11.x Update to remove the runningDefault value
return this._doNotIncludeInPathRegex ??
(this._doNotIncludeInPathRegex =
this.GetStringSetting(
diff --git a/DNN Platform/Library/Entities/Users/UserController.cs b/DNN Platform/Library/Entities/Users/UserController.cs
index e36232d4f6d..2a3cbd7c296 100644
--- a/DNN Platform/Library/Entities/Users/UserController.cs
+++ b/DNN Platform/Library/Entities/Users/UserController.cs
@@ -353,6 +353,7 @@ public static void ChangeUsername(int userId, string newUsername)
/// or
/// .
///
+ [Obsolete("Deprecated in 9.8.1. Scheduled removal in v11.0.0. No alternative method implemented.")]
public static void CheckInsecurePassword(string username, string password, ref UserLoginStatus loginStatus)
{
if (username == "admin" && (password == "admin" || password == "dnnadmin"))
diff --git a/DNN Platform/Library/Security/Membership/UserLoginStatus.cs b/DNN Platform/Library/Security/Membership/UserLoginStatus.cs
index cebb50e3c62..6ff5067f257 100644
--- a/DNN Platform/Library/Security/Membership/UserLoginStatus.cs
+++ b/DNN Platform/Library/Security/Membership/UserLoginStatus.cs
@@ -1,7 +1,9 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information
-
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE file in the project root for more information
+
+using System;
+
namespace DotNetNuke.Security.Membership
{
public enum UserLoginStatus
@@ -10,8 +12,10 @@ public enum UserLoginStatus
LOGIN_SUCCESS = 1,
LOGIN_SUPERUSER = 2,
LOGIN_USERLOCKEDOUT = 3,
- LOGIN_USERNOTAPPROVED = 4,
- LOGIN_INSECUREADMINPASSWORD = 5,
+ LOGIN_USERNOTAPPROVED = 4,
+ [Obsolete("Deprecated in 9.8.1. Scheduled removal in v11.0.0. No alternative method implemented.")]
+ LOGIN_INSECUREADMINPASSWORD = 5,
+ [Obsolete("Deprecated in 9.8.1. Scheduled removal in v11.0.0. No alternative method implemented.")]
LOGIN_INSECUREHOSTPASSWORD = 6,
}
}
diff --git a/DNN Platform/Website/App_GlobalResources/SharedResources.resx b/DNN Platform/Website/App_GlobalResources/SharedResources.resx
index 979ca5b5d07..8b3c29ea36e 100644
--- a/DNN Platform/Website/App_GlobalResources/SharedResources.resx
+++ b/DNN Platform/Website/App_GlobalResources/SharedResources.resx
@@ -1026,18 +1026,6 @@
Your new password was not accepted for security reasons. Please ensure the correct user name and answer were entered.
-
- Your admin account is still using a known default password. Please go to the Manage->Users menu and update the password. In addition, please ensure a valid email address is entered.
-
-
- Your host (Super User) account is still using a known default password. Please go to the Manage->Users menu and update the password.
-
-
- Both the default accounts (host and admin) are using known default passwords. Please go to the Manage->Users menu and update the passwords. In addition, please ensure valid email addresses are entered.
-
-
- Insecure account details
-
<strong>*Note:</strong> Membership to this site is private. Once your account information has been submitted, the Site Administrator will be notified and your application will be subjected to a screening procedure. If your application is authorized, you will receive notification that you can access the site.
diff --git a/DNN Platform/Website/Default.aspx.cs b/DNN Platform/Website/Default.aspx.cs
index e6b5bde9dd4..872a682d09f 100644
--- a/DNN Platform/Website/Default.aspx.cs
+++ b/DNN Platform/Website/Default.aspx.cs
@@ -270,21 +270,6 @@ protected override void OnInit(EventArgs e)
}
}
- // check if running with known account defaults
- if (this.Request.IsAuthenticated && string.IsNullOrEmpty(this.Request.QueryString["runningDefault"]) == false)
- {
- var userInfo = HttpContext.Current.Items["UserInfo"] as UserInfo;
- var usernameLower = userInfo?.Username?.ToLowerInvariant();
-
- // only show message to default users
- if ("admin".Equals(usernameLower) || "host".Equals(usernameLower))
- {
- var messageText = this.RenderDefaultsWarning();
- var messageTitle = Localization.GetString("InsecureDefaults.Title", Localization.GlobalResourceFile);
- UI.Skins.Skin.AddPageMessage(ctlSkin, messageTitle, messageText, ModuleMessage.ModuleMessageType.RedError);
- }
- }
-
// add CSS links
ClientResourceManager.RegisterDefaultStylesheet(this, string.Concat(Globals.ApplicationPath, "/Resources/Shared/stylesheets/dnndefault/7.0.0/default.css"));
ClientResourceManager.RegisterIEStylesheet(this, string.Concat(Globals.HostPath, "ie.css"));
@@ -738,31 +723,6 @@ private Dictionary ParsePageCallBackArgs(string strArg)
return objDict;
}
- ///
- /// check if a warning about account defaults needs to be rendered.
- ///
- /// localised error message.
- ///
- private string RenderDefaultsWarning()
- {
- var warningLevel = this.Request.QueryString["runningDefault"];
- var warningMessage = string.Empty;
- switch (warningLevel)
- {
- case "1":
- warningMessage = Localization.GetString("InsecureAdmin.Text", Localization.SharedResourceFile);
- break;
- case "2":
- warningMessage = Localization.GetString("InsecureHost.Text", Localization.SharedResourceFile);
- break;
- case "3":
- warningMessage = Localization.GetString("InsecureDefaults.Text", Localization.SharedResourceFile);
- break;
- }
-
- return warningMessage;
- }
-
private IFileInfo GetBackgroundFileInfo()
{
string cacheKey = string.Format(Common.Utilities.DataCache.PortalCacheKey, this.PortalSettings.PortalId, "BackgroundFile");
diff --git a/DNN Platform/Website/DesktopModules/Admin/Authentication/Login.ascx.cs b/DNN Platform/Website/DesktopModules/Admin/Authentication/Login.ascx.cs
index b44062e263b..82e924f5ae6 100644
--- a/DNN Platform/Website/DesktopModules/Admin/Authentication/Login.ascx.cs
+++ b/DNN Platform/Website/DesktopModules/Admin/Authentication/Login.ascx.cs
@@ -153,22 +153,6 @@ protected string RedirectURL
}
}
- // check for insecure account defaults
- var qsDelimiter = "?";
- if (redirectURL.Contains("?"))
- {
- qsDelimiter = "&";
- }
-
- if (this.LoginStatus == UserLoginStatus.LOGIN_INSECUREADMINPASSWORD)
- {
- redirectURL = redirectURL + qsDelimiter + "runningDefault=1";
- }
- else if (this.LoginStatus == UserLoginStatus.LOGIN_INSECUREHOSTPASSWORD)
- {
- redirectURL = redirectURL + qsDelimiter + "runningDefault=2";
- }
-
return redirectURL;
}
}