In cases where an external identify provider is not available (dev / staging environments), local role-based accounts may be created. Credentials for these are encrypted using scrypt (256 bit AES using GCM ciphers) prior to storage. No “default” passwords exist for these.