Remove PASSWORD_HASH from user-facing config — plaintext PASSWORD only

password_hash remains as an internal field (used by auth system and DB),
but is no longer documented or advertised as a config option.

README.md

@@ -76,8 +76,7 @@ These are the knobs most operators actually touch — all shown commented out in
 |----------|---------|-------------|
 | `MEDIARIP__ADMIN__ENABLED` | `true` | Enable admin panel |
 | `MEDIARIP__ADMIN__USERNAME` | `admin` | Admin username |
-| `MEDIARIP__ADMIN__PASSWORD` | _(empty)_ | Admin password (plaintext — hashed on startup, never stored) |
+| `MEDIARIP__ADMIN__PASSWORD` | _(empty)_ | Admin password (hashed on startup, never stored as plaintext) |
-| `MEDIARIP__ADMIN__PASSWORD_HASH` | _(empty)_ | Bcrypt hash (alternative to plaintext — for advanced users) |
 
 #### Purge
 
@@ -169,7 +168,7 @@ For production with TLS, use the included Caddy reverse proxy:
 ```bash
 cp docker-compose.example.yml docker-compose.yml
 cp .env.example .env
-# Edit .env with your domain and admin password hash
+# Edit .env with your domain and admin password
 docker compose up -d
 ```
 

backend/app/core/config.py

@@ -98,7 +98,7 @@ class AdminConfig(BaseModel):
     enabled: bool = True
     username: str = "admin"
     password: str = ""       # Plaintext — hashed on startup, never stored
-    password_hash: str = ""  # Bcrypt hash — set directly or derived from password
+    password_hash: str = ""  # Internal — set by app on startup or first-run wizard
 
 
 # ---------------------------------------------------------------------------