Towards a more secure default setup

Towards a more secure default setup

Shipping with a default account user name and password is considered
an authentication anti-pattern; see
http://code.google.com/p/owasp-development-guide/wiki/WebAppSecDesignGuide_D2

By making the user select an admin user name and password at the time
they create the database, we avoid the chance that they will forget to
change the default password and leave their system open to access.

Next step is to change the seed data to insert random values for the
admin username and password, then update the documentation accordingly.

git-svn-id: svn://svn.open-ils.org/ILS/branches/rel_2_0@19244 dcc99617-32d9-48b4-a31d-7c20da2025e4