Other reputational risks come from not giving users choices over their own installs.
More risks again from nagging users who don’t administrate the HA install to change something that they can’t.
It is possible to do this without the expense of annoying users, and that is accomplished by allowing a simple choice to disable the warning (at a back-end config if casual disabling is to be avoided).
It’s a good idea to have a strong password reminder built-in, it is also a good idea to allow HA system admins choose what warnings users see.
Another aspect of this is if nagging people to choose good passwords was going to work it would have worked already over the last 30 years we’ve been trying it but that moves away from the issue here.
What’s being asked for is a simple way to disable a legitimate warning after it has been seen. It’s not a big ask, it can be made ‘power user’ only by allowing deactivation via yaml only.
I remember how long it took to get the bogus ‘unauthorised access’ messages disabled, and I hope it’s not the same in this case.
I also think this thread should be locked, as it appears to have descended into vague insults over a simple config toggle.