by dx034 3454 days ago
Why should it be disabled by default? I don't see a reason why any database system would run without auth. At installation they can always use a local user account if no password is provided.
2 comments

I wouldn't call it a bastion of security, but MySQL typically installs with a root user with no password. So how do they not have the same level of exposed data? By default only local connections are allowed. If Mongo had the same pattern then this whole calamity could have been avoided whilst still allowing the ease of setting up on local environments.
IIRC, even if you enable remote connections, the passwordless login is still only authorized locally.
Yeah good point, you're right. The root user is defined as root@localhost, not root@%.
Has that always been the case?
On what distro/OS? On Ubuntu you get to pick the root password during installation
On Ubuntu specifically if you do the quiet option (for example as part of an automated script) then it will leave it blank. Even with the prompt it says it's optional but encouraged.
- Why should it be disabled by default? I don't agree it should, but understand why it is disabled by default: for easy and quick start of development on the local machine.
Isn't it as fast if you bind it to a local user by default? You can still change it afterwards, but that way there's no setup for developers.
Yes, it is the same.

In my case the database already had some users configured. But because I didn't start the server with the --auth option, MongoDB ignored all users and allowed everyone to connect.
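The situation in the comment above (users exist, but the server is started without --auth and so ignores them) comes down to two mongod settings. Below is an added example of a mongod.conf in the YAML format that mongod reads with --config; it is not from the original thread or from the MongoDB project, and the file path and port are assumptions. The weak block is what an unauthenticated, network-exposed instance looks like; the hardened block is the equivalent of the MySQL root@localhost pattern discussed above plus mandatory authentication.

```yaml
# Assumed location: /etc/mongod.conf, loaded with `mongod --config /etc/mongod.conf`.
# Both blocks below are an added example, not the thread's or MongoDB's own file.

# --- WEAK: what an exposed instance from the thread looks like -------------
# net:
#   port: 27017
#   bindIp: 0.0.0.0        # listens on every interface, reachable from the internet
# security:
#   authorization: disabled  # the default; any configured users are ignored,
#                            # exactly as described in the comment above

# --- HARDENED: local-only listener and mandatory authentication ------------
net:
  port: 27017
  bindIp: 127.0.0.1        # same idea as MySQL's root@localhost: remote clients
                           # cannot reach the listener at all
security:
  authorization: enabled   # equivalent to starting mongod with --auth;
                           # every client must authenticate as a configured user
```

With `authorization: enabled` and no users yet created, MongoDB's localhost exception still lets a client connecting from 127.0.0.1 create the first administrative user, so the hardened file does not get in the way of a fresh local development setup. If a remote client later needs access, add its address to `bindIp` rather than reverting to `0.0.0.0`, and keep `authorization: enabled` so the users configured on the instance are actually enforced.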