diff --git a/.github/workflows/browser-tests.yaml b/.github/workflows/browser-tests.yaml
index 345c838fdc..a562b7405d 100644
--- a/.github/workflows/browser-tests.yaml
+++ b/.github/workflows/browser-tests.yaml
@@ -12,6 +12,7 @@ jobs:
         name: "Kernel Behat Core tests"
         uses: ibexa/gh-workflows/.github/workflows/browser-tests.yml@main
         with:
+            ci-scripts-branch: 'ibx-9898'
             project-edition: 'oss'
             test-setup-phase-1: '--mode=standard --profile=core --suite=setup'
             test-suite: "--mode=standard --profile=core --tags='~@broken&&~@setup'"
diff --git a/phpstan-baseline.neon b/phpstan-baseline.neon
index 1a7c8538ea..bb988256fb 100644
--- a/phpstan-baseline.neon
+++ b/phpstan-baseline.neon
@@ -3498,6 +3498,12 @@ parameters:
 			count: 1
 			path: src/bundle/Core/Fragment/SiteAccessSerializationTrait.php
 
+		-
+			message: '#^Method Ibexa\\Bundle\\Core\\IbexaCoreBundle\:\:getContainerExtension\(\) never returns null so it can be removed from the return type\.$#'
+			identifier: return.unusedType
+			count: 1
+			path: src/bundle/Core/IbexaCoreBundle.php
+
 		-
 			message: '#^Method Ibexa\\Bundle\\Core\\Imagine\\AliasCleaner\:\:removeAliases\(\) has no return type specified\.$#'
 			identifier: missingType.return
@@ -12828,6 +12834,12 @@ parameters:
 			count: 1
 			path: src/lib/MVC/Symfony/Security/UserInterface.php
 
+		-
+			message: '#^Property Ibexa\\Core\\MVC\\Symfony\\Security\\UserWrapped\:\:\$apiUser in isset\(\) is not nullable nor uninitialized\.$#'
+			identifier: isset.initializedProperty
+			count: 1
+			path: src/lib/MVC/Symfony/Security/UserWrapped.php
+
 		-
 			message: '#^Method Ibexa\\Core\\MVC\\Symfony\\SiteAccess\:\:__construct\(\) has parameter \$groups with no value type specified in iterable type array\.$#'
 			identifier: missingType.iterableValue
diff --git a/src/bundle/RepositoryInstaller/Command/InstallPlatformCommand.php b/src/bundle/RepositoryInstaller/Command/InstallPlatformCommand.php
index 240b971bc1..459daa585c 100644
--- a/src/bundle/RepositoryInstaller/Command/InstallPlatformCommand.php
+++ b/src/bundle/RepositoryInstaller/Command/InstallPlatformCommand.php
@@ -9,9 +9,12 @@
 
 use Doctrine\DBAL\Connection;
 use Ibexa\Contracts\Core\Container\ApiLoader\RepositoryConfigurationProviderInterface;
+use Ibexa\Contracts\Core\Repository\Exceptions\ContentFieldValidationException;
+use LogicException;
 use Psr\Cache\CacheItemPoolInterface;
 use Symfony\Component\Console\Attribute\AsCommand;
 use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Input\ArrayInput;
 use Symfony\Component\Console\Input\InputArgument;
 use Symfony\Component\Console\Input\InputInterface;
 use Symfony\Component\Console\Input\InputOption;
@@ -84,9 +87,9 @@ protected function execute(InputInterface $input, OutputInterface $output): int
         $this->checkParameters();
         $this->checkCreateDatabase($output);
 
+        $io = new SymfonyStyle($input, $output);
         $schemaManager = $this->connection->getSchemaManager();
         if (!empty($schemaManager->listTables())) {
-            $io = new SymfonyStyle($input, $output);
             if (!$io->confirm('Running this command will delete data in all Ibexa generated tables. Continue?')) {
                 return self::SUCCESS;
             }
@@ -108,6 +111,17 @@ protected function execute(InputInterface $input, OutputInterface $output): int
         $installer->importSchema();
         $installer->importData();
         $installer->importBinaries();
+
+        if ($input->isInteractive()) {
+            $io->warning(
+                'For security reasons, you\'re required to change the default admin password. Remember to follow currently set password validation rules.'
+            );
+
+            do {
+                $exitCode = $this->changeDefaultAdminPassword($input);
+            } while ($exitCode !== self::SUCCESS);
+        }
+
         $this->cacheClear($output);
 
         if (!$input->getOption('skip-indexing')) {
@@ -272,4 +286,32 @@ private function executeCommand(OutputInterface $output, $cmd, $timeout = 300)
             throw new \RuntimeException(sprintf('An error occurred when executing the "%s" command.', escapeshellarg($cmd)));
         }
     }
+
+    private function changeDefaultAdminPassword(InputInterface $input): int
+    {
+        $io = new SymfonyStyle($input, $this->output);
+        $password = $io->askHidden('Password (your input will be hidden)');
+
+        $commandInput = new ArrayInput([
+            'command' => 'ibexa:user:update-user',
+            'user' => 'admin',
+            '--password' => $password,
+        ]);
+
+        $application = $this->getApplication();
+
+        if ($application === null) {
+            throw new LogicException('Command application not found');
+        }
+
+        try {
+            $application->doRun($commandInput, $this->output);
+        } catch (ContentFieldValidationException $e) {
+            $io->error($e->getMessage());
+
+            return self::FAILURE;
+        }
+
+        return self::SUCCESS;
+    }
 }