Create an Admin Account on the Journalist Interface¶
In order for any user (admin or journalist) to access the Journalist Interface, they need:
auth-cookiefor the Journalist Interface’s ATHS
- An account on the Journalist Interface, which requires the following
credentials to log in:
- Two-factor authentication code
You should create a separate account on the Journalist Interface for each user who needs access. This makes it easy to enable or disable access to the Journalist Interface on an individual basis, so you can grant access to new users or revoke access for users who have left the organization or should no longer be allowed to access the Journalist Interface.
There are two types of accounts on the Journalist Interface: admin accounts and normal accounts. Admins accounts are like normal accounts, but they are additionally allowed to manage (add, change, delete) other user accounts through the web interface.
You must create the first admin account on the Journalist Interface by running a command on the Application Server. After that, the Journalist Interface admin can create additional accounts through the web interface.
If you are installing SecureDrop yourself, to create the first admin account, SSH to the Application Server, then:
sudo -u www-data bash cd /var/www/securedrop ./manage.py add-admin
Follow the prompts.
A secure diceware passphrase will be generated by manage.py. You will see output like this:
This journalist's passphrase is: delivery propose requisite stunner dragonfly unstamped stowaway
Passphrases include the spaces between the words, but not leading or trailing whitespace. Be sure to save this passphrase in the appropriate KeePassXC database.
Once that’s done, you should open Tor Browser and navigate to the Journalist Interface’s .onion address. Verify that you can log in to the Journalist Interface with the admin account you just created.
For adding more user accounts, please refer now to our Admin Interface Guide.
You can now set a custom logo image on your web interfaces by following the Updating Logo Image documentation.