[hactually]

I think the fact it's so weak (disabled1system1user6708) and it was part of the default.properties adds insult to injury.

[feet]

I understand the hard coding is bad, but what makes that a weak password?

[redanddead]

one anecdote that might be relevant is that on bitwarden when I go to generate a new password, I can let my password be 64 characters long, have symbols, uppercase, lowercase etc. I can even make it generate a key phrase

in comparison to that, disabled1system1user6708 seems pretty weak

[feet]

Using kaspersky's password checker at https://password.kaspersky.com we can easily check the brute-foecability of any given string.

Using this method we can see that this password (disabled1system1user6708) would take over 10,000 centuries to brute force

That seems relatively secure to me