Neo4j
Neo4jdatabase4 credentials1 default credential
Initial neo4j User Password
neo4j / default-neo4j
Neo4j creates a default neo4j user for initial database access. Historical/default startup credentials use neo4j/neo4j and require changing the password before normal use.
Default credentials
neo4j:neo4jLocation
Bolt, Browser, Cypher Shell, HTTP API, and Neo4j Ops Manager integrationssystem database auth records and password hashes
initial password files, deployment manifests, and dbms security settings
debug.log, security.log, query logs, and authentication errors
Notes
neo4j/neo4j is the initial password pattern; modern deployments force a password change or accept a deployment-provided initial password.
Database User Password
neo4j / database-user-password
Neo4j native users and roles authenticate for database, cluster, and API access through native auth or external providers.
Location
system database user, role, and auth metadata
Bolt, Browser, HTTP API, Cypher Shell, and driverspassword vaults, Kubernetes Secrets, and deployment secret stores
application configs, tests, and driver connection settings
security logs, driver debug output, and query logs
Driver URI / Application Credential
neo4j / driver-connection-secret
Applications store Neo4j URIs, usernames, passwords, bearer tokens, and client certificate keys for driver connections.
Location
application.yml, .env files, driver configs, Helm values, and Docker Compose files
NEO4J_URI, NEO4J_USERNAME, NEO4J_PASSWORD, NEO4J_AUTHCI/CD variables, cloud secret managers, and Kubernetes Secrets
application repositories and integration tests
driver connection errors and debug traces
TLS, Cluster, and Backup Secrets
neo4j / ssl-cluster-secrets
Neo4j deployments use TLS private keys, cluster discovery secrets, backup credentials, and sometimes Kerberos/LDAP bind credentials for enterprise security.
Looks like
pattern-----BEGIN (RSA |EC |ENCRYPTED |)PRIVATE KEY-----Location
neo4j.conf, certificates/TLS, auth provider, clustering, and backup settings
certificate stores, Kubernetes Secrets, and vaults
database backups, dumps, and diagnostics bundles
cluster, TLS, backup, and auth provider logs
Scope
Authorized use
LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.