System currently relies on either a hard coded default password or a password hash being passed as part of the import. Not ideal