You can change the default superuser from the default cassandra user.
By default, each installation of Cassandra includes a superuser account named
cassandra whose password is also cassandra. A superuser grants initial permissions
to access Cassandra data, and subsequently a user may or may not be given the
permission to grant/revoke permissions.
Procedure
-
Configure internal authentication if you have not already done
so.
-
Create another superuser, not named cassandra, using the CREATE USER command.
-
Log in as that new superuser.
-
Change the cassandra user password to something long and incomprehensible, and
then forget about it. It won't be used again.
-
Take away the cassandra user's superuser status.
-
Now, that the superuser password is secure, set up user accounts and authorize
users to access the database objects by using CQL to grant them permissions on those objects.
CQL supports the following authentication statements: