diff --git a/django_ynh/base_settings.py b/django_ynh/base_settings.py
index 71e8fa7..fd8cef5 100644
--- a/django_ynh/base_settings.py
+++ b/django_ynh/base_settings.py
@@ -20,6 +20,7 @@ INSTALLED_APPS = [
     'django.contrib.messages',
     'django.contrib.staticfiles',
     'axes',  # https://github.com/jazzband/django-axes
+    'django_ynh',
 ]
 
 # -----------------------------------------------------------------------------
diff --git a/django_ynh/create_superuser.py b/django_ynh/create_superuser.py
deleted file mode 100644
index 95d2f40..0000000
--- a/django_ynh/create_superuser.py
+++ /dev/null
@@ -1,59 +0,0 @@
-#!/usr/bin/env python3
-
-"""
-    Can be called e.g.:
-
-        poetry run create_superuser --ds="foo.settings" --username="bar" \
-            --email="foo@bar.tld" --password="no-password"
-
-    or, e.g.:
-
-        python3 -m django_ynh.create_superuser --ds="foo.settings" --username="bar" \
-            --email="foo@bar.tld" \
-            --password="no-password"
-"""
-
-import argparse
-import os
-import sys
-
-
-def main():
-    parser = argparse.ArgumentParser(description='Create or update Django super user.')
-    parser.add_argument('--ds', help='The "DJANGO_SETTINGS_MODULE" string')
-    parser.add_argument('--username')
-    parser.add_argument('--email')
-    parser.add_argument('--password')
-
-    args = parser.parse_args()
-
-    os.environ['DJANGO_SETTINGS_MODULE'] = args.ds
-
-    username = args.username
-    email = args.email or ''
-    password = args.password
-
-    import django
-
-    django.setup()
-
-    from django.contrib.auth import get_user_model
-
-    User = get_user_model()
-    user = User.objects.filter(username=username).first()
-    if user:
-        print(f'Update existing user "{user}" and set his password.', file=sys.stderr)
-        print(repr(password))
-        user.is_active = True
-        user.is_staff = True
-        user.is_superuser = True
-        user.set_password(password)
-        user.email = email
-        user.save()
-    else:
-        print(f'Create new super user "{username}"', file=sys.stderr)
-        User.objects.create_superuser(username=username, email=email, password=password)
-
-
-if __name__ == '__main__':
-    main()
diff --git a/django_ynh/management/__init__.py b/django_ynh/management/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/django_ynh/management/commands/__init__.py b/django_ynh/management/commands/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/django_ynh/management/commands/create_superuser.py b/django_ynh/management/commands/create_superuser.py
new file mode 100644
index 0000000..f69c2ba
--- /dev/null
+++ b/django_ynh/management/commands/create_superuser.py
@@ -0,0 +1,49 @@
+"""
+    Create or update Django super user with a unusable password
+
+    A "unusable password" because it's not needed while auth via SSOwat ;)
+
+    Can be called e.g.:
+        ./manage.py create_superuser --username="bar" --email="foo@bar.tld"
+"""
+
+
+import sys
+
+from django.contrib.auth import get_user_model
+from django.core.management import BaseCommand
+
+
+class Command(BaseCommand):
+    help = 'Create or update Django super user with a unusable password (auth via SSOwat)'
+
+    def add_arguments(self, parser):
+        parser.add_argument(
+            "--username",
+            action="store",
+            required=True,
+        )
+        parser.add_argument(
+            "--email",
+            action="store",
+            required=True,
+        )
+
+    def handle(self, *args, **options):
+        username = options['username']
+        email = options['email']
+
+        User = get_user_model()
+        user = User.objects.filter(username=username).first()
+        if user:
+            self.stderr.write(f'Update existing user "{user}" and set his password.')
+            user.is_active = True
+            user.is_staff = True
+            user.is_superuser = True
+            user.email = email
+        else:
+            print(f'Create new super user "{username}"', file=sys.stderr)
+            user = User.objects.create_superuser(username=username, email=email, password=None)
+
+        user.set_unusable_password()
+        user.save()
diff --git a/pyproject.toml b/pyproject.toml
index 29e65d8..192af46 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -37,9 +37,6 @@ pyupgrade = "*"
 requires = ["poetry-core>=1.0.0"]
 build-backend = "poetry.core.masonry.api"
 
-[tool.poetry.scripts]
-create_superuser = "django_ynh.create_superuser:main"
-
 [tool.isort]
 # https://pycqa.github.io/isort/docs/configuration/config_files/#pyprojecttoml-preferred-format
 atomic=true
diff --git a/scripts/install b/scripts/install
index 194260e..197e9f8 100755
--- a/scripts/install
+++ b/scripts/install
@@ -122,9 +122,6 @@ chown -R "$app" "$final_path"
 # ================================================
 ynh_script_progression --message="Create django_ynh configuration file..."
 
-cp ../conf/create_superuser.py "$final_path/create_superuser.py"
-chmod +x "$final_path/create_superuser.py"
-
 gunicorn_conf="$final_path/gunicorn.conf.py"
 cp "../conf/gunicorn.conf.py" "$gunicorn_conf"
 ynh_replace_string --match_string="__FINAL_HOME_PATH__" --replace_string="$final_path" --target_file="$gunicorn_conf"
@@ -178,7 +175,8 @@ ynh_script_progression --message="migrate/collectstatic/createadmin..." --weight
 
     ./manage.py migrate --no-input
     ./manage.py collectstatic --no-input
-    ./create_superuser.py --username="$admin" --email="$admin_mail" --password="django_ynh"
+
+    python -m django_ynh.create_superuser --ds="django_ynh_demo_settings" --username="$admin" --email="$admin_mail" --password="$app"
 
     # Check the configuration
     # This may fail in some cases with errors, etc., but the app works and the user can fix issues later.
diff --git a/scripts/upgrade b/scripts/upgrade
index ceb35c2..1ff3a2f 100755
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -105,11 +105,7 @@ chown -R "$app" "$final_path"
 #=================================================
 # copy config files
 # ================================================
-ynh_script_progression --message="Create django_ynh configuration file..."
-
-ynh_backup_if_checksum_is_different --file="$final_path/create_superuser.py"
-cp ../conf/create_superuser.py "$final_path/create_superuser.py"
-chmod +x "$final_path/create_superuser.py"
+ynh_script_progression --message="Create project configuration files..."
 
 gunicorn_conf="$final_path/gunicorn.conf.py"
 ynh_backup_if_checksum_is_different --file="$gunicorn_conf"
@@ -168,7 +164,9 @@ ynh_script_progression --message="migrate/collectstatic/createadmin..." --weight
 
 	./manage.py migrate --no-input
 	./manage.py collectstatic --no-input
-	./create_superuser.py --username="$admin" --email="$admin_mail" --password="django_ynh"
+
+	# Create/update Django superuser (set unusable password, because auth done via SSOwat):
+	./manage.py create_superuser --username="$admin" --email="$admin_mail"
 
 	# Check the configuration
 	# This may fail in some cases with errors, etc., but the app works and the user can fix issues later.