The first question that should be answered when setting the security strategy is: Can anonymous users browse the SonarQube instance or must authentication be required? To force user authentication, log in as a System administrator and go to Settings > General Settings > Security and set the Force user authentication property to trueTo allow users to sign up for a SonarQube account, set the Allow users to sign up property to true

Creating a User

A user is a set of basic information: login, password, name and email.

To create a new user, go to Setting > Users > Add new user:

Changing your Password

To change your password, log in and go to My_Name > My Profile:

When the LDAP plugin is installed and activated, it is no longer possible for users to change their password. Then, only system administrators can do so through Settings > Users > Change password. Note that this password is only used when the LDAP server is not reachable and the authentication mechanism fall back to the SonarQube built-in mechanism.

Default Admin Credentials

When installing SonarQube, a default user with Administer System permission is created automatically:


I lost the admin password

In case you lost the admin password of your SonarQube instance, you can reset it by executing the following query:

update users set crypted_password = '88c991e39bb88b94178123a849606905ebf440f5', salt='6522f3c5007ae910ad690bb1bdbf264a34884c6d' where login = 'admin'

This will reset the password to admin.