diff --git a/conf/mentat-hawat.py.conf b/conf/mentat-hawat.py.conf
index 533824ab49d50d9b44b5f4d6aa1bc823fd09e615..945804d7ae76cc04c4963d1f83eef61911e31a12 100644
--- a/conf/mentat-hawat.py.conf
+++ b/conf/mentat-hawat.py.conf
@@ -40,7 +40,7 @@ ENABLED_BLUEPRINTS = [
     'vial.blueprints.changelogs',
 
     'hawat.blueprints.auth_env',
-    'hawat.blueprints.auth_dev',
+    #'hawat.blueprints.auth_dev',
     'hawat.blueprints.auth_pwd',
     'hawat.blueprints.home',
     'hawat.blueprints.reports',
diff --git a/doc/sphinx/_doclib/installation.rst b/doc/sphinx/_doclib/installation.rst
index f934c3c21a85277cf9eadf70d71d3493908695cf..1784ef1972dfd4f8b0350fb91c53f91f587e0938 100644
--- a/doc/sphinx/_doclib/installation.rst
+++ b/doc/sphinx/_doclib/installation.rst
@@ -618,7 +618,10 @@ ready for deployment out of the box:
     a2ensite site_mentat.conf
 
     # !!!!! THIS STEP IS SUPER IMPORTANT !!!!!
-    # Step 5: Change default SECRET_KEY in /etc/mentat/mentat-hawat.py.conf:
+    # Step 5: In file /etc/mentat/mentat-hawat.py.conf change default SECRET_KEY and
+    # in production deployment make sure, that ENABLED_BLUEPRINTS key does not
+    # contain 'hawat.blueprints.auth_dev', or that is is commented out. Otherwise
+    # you would enable anyone impersonate any other user without password.
     # !!!!! THIS STEP IS SUPER IMPORTANT !!!!!
     vim /etc/mentat/mentat-hawat.py.conf
 
@@ -634,6 +637,12 @@ ready for deployment out of the box:
     # (please adjust the attributes, do not simply copy and paste):
     mentat-dbmngr.py --command user-add login=superman "fullname=Clark Kent" email=kent@dailyplanet.com "organization=Daily Planet, inc." roles=user,admin
 
+.. warning::
+
+    Please make sure you have read step 5 in the recipe above. The :ref:`section-hawat-plugin-auth-dev`
+    authentication module in particular is a HUGE security risk when enabled in production
+    installation and accessible from network.
+
 .. warning::
 
     For demonstration purposes Mentat package ships with preconfigured ``htpasswd``
diff --git a/hawat.local.conf b/hawat.local.conf
index ee83f97575bee4d08608eec0f208f757c1a68e64..0ccecb0e72ddd436631bae4b000d1ed83349e774 100644
--- a/hawat.local.conf
+++ b/hawat.local.conf
@@ -5,3 +5,32 @@ MAIL_DEFAULT_SENDER = 'mentat@cesnet.cz'
 HAWAT_LOG_DEFAULT_LEVEL = 'debug'
 HAWAT_LOG_FILE = '/var/tmp/mentat-hawat.py.log'
 HAWAT_LOG_FILE_LEVEL = 'debug'
+ENABLED_BLUEPRINTS = [
+    'vial.blueprints.auth',
+    'vial.blueprints.auth_api',
+    'vial.blueprints.design_bs3',
+    'vial.blueprints.devtools',
+    'vial.blueprints.changelogs',
+
+    'hawat.blueprints.auth_env',
+    'hawat.blueprints.auth_dev',
+    'hawat.blueprints.auth_pwd',
+    'hawat.blueprints.home',
+    'hawat.blueprints.reports',
+    'hawat.blueprints.events',
+    'hawat.blueprints.hosts',
+    'hawat.blueprints.timeline',
+    'hawat.blueprints.dnsr',
+    #'hawat.blueprints.pdnsr',
+    'hawat.blueprints.geoip',
+    #'hawat.blueprints.nerd',
+    'hawat.blueprints.whois',
+    'hawat.blueprints.performance',
+    'hawat.blueprints.status',
+    'hawat.blueprints.dbstatus',
+    'hawat.blueprints.users',
+    'hawat.blueprints.groups',
+    'hawat.blueprints.settings_reporting',
+    'hawat.blueprints.filters',
+    'hawat.blueprints.networks',
+]