diff --git a/barbican/common/config.py b/barbican/common/config.py
index 5dd02a206..7ba23e25f 100644
--- a/barbican/common/config.py
+++ b/barbican/common/config.py
@@ -89,7 +89,7 @@ db_opts = [
     cfg.IntOpt('sql_retry_interval', default=1,
                help=u._("Interval between retries of opening a SQL "
                         "connection.")),
-    cfg.BoolOpt('db_auto_create', default=True,
+    cfg.BoolOpt('db_auto_create', default=False,
                 help=u._("Create the Barbican database on service startup.")),
     cfg.IntOpt('max_limit_paging', default=100,
                help=u._("Maximum page size for the 'limit' paging URL "
diff --git a/doc/source/contributor/database_migrations.rst b/doc/source/contributor/database_migrations.rst
index 5b42dc3ee..9cc17b144 100644
--- a/doc/source/contributor/database_migrations.rst
+++ b/doc/source/contributor/database_migrations.rst
@@ -12,10 +12,6 @@ Database migrations can be optionally enabled during the API startup process.
 Corollaries for this are that a new deployment should begin with only one node
 to avoid migration race conditions.
 
-Alternatively, the automatic update startup behavior can be disabled, forcing
-the use of the migration script. This latter mode is probably safer to use in
-production environments.
-
 Policy
 -------
 
diff --git a/doc/source/install/common_configure.rst b/doc/source/install/common_configure.rst
index 27184c378..bb8339119 100644
--- a/doc/source/install/common_configure.rst
+++ b/doc/source/install/common_configure.rst
@@ -51,12 +51,10 @@
 
 #. Populate the Key Manager service database:
 
-   The Key Manager service database will be automatically populated
-   when the service is first started.  To prevent this, and run the
-   database sync manually, edit the ``/etc/barbican/barbican.conf`` file
-   and set db_auto_create in the ``[DEFAULT]`` section to False.
-
-   Then populate the database as below:
+   If you wish the Key Manager service to automatically populate the
+   database when the service is first started, set db_auto_create to
+   True in the ``[DEFAULT]`` section. By default this will not be active
+   and you can populate the database manually as below:
 
    .. code-block:: console
 
diff --git a/releasenotes/notes/update-autodbcreate-default-31b5a86063b91444.yaml b/releasenotes/notes/update-autodbcreate-default-31b5a86063b91444.yaml
new file mode 100644
index 000000000..4942f1f73
--- /dev/null
+++ b/releasenotes/notes/update-autodbcreate-default-31b5a86063b91444.yaml
@@ -0,0 +1,8 @@
+---
+upgrade:
+  - |
+    Default for auto_db_create has been changed to False (was True). This is a
+    change compared to the previous behavior, but required to protect
+    production deployments from performing upgrades without control. If you
+    wish to keep the auto db creation/upgrade behavior, change this to True
+    in your configuration.