INP-1188 introduced cookie encryption so that even information stored in cookies can't be mangled. This functionality uses a random string (added in INP-1187) as the encryption key, and that works fine for an existing In-Portal install.

The random string used for cookie encryption (including the session cookie, where the user's login state is stored) is generated only at the end of installation, but the user must be logged in to perform the installation. Even the serious encryption classes (added in INP-1756) suffer from the same problem: their encryption keys are generated at the end of installation.

Solution

Generate the random string (when absent) as soon as the database structure is ready. Generate the encryption keys (when absent) as soon as the "/system/config.php" file is ready.
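
The "generate when absent" step can be sketched as follows. This is an added example, not In-Portal code: the helper name `ensure_secret`, the key name `RandomString`, the demo path and the config format (a PHP file that returns an array) are all assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: return the secret stored under $name in $file,
// generating and persisting it first only when it is absent.
function ensure_secret(string $file, string $name, int $bytes = 32): string
{
    // Assumed format for this sketch: a PHP file that returns an array.
    $config = is_file($file) ? include $file : [];
    if (!is_array($config)) {
        throw new RuntimeException("Unexpected config format in $file");
    }

    // Never regenerate an existing value: that would invalidate every
    // cookie and ciphertext already protected with it.
    if (isset($config[$name]) && is_string($config[$name]) && $config[$name] !== '') {
        return $config[$name];
    }

    // Use the CSPRNG, not mt_rand() or uniqid().
    $config[$name] = bin2hex(random_bytes($bytes));

    // Write to a temp file and rename it into place, so an interrupted
    // installation never leaves a half-written config behind.
    $tmp = tempnam(dirname($file), 'cfg');
    if ($tmp === false) {
        throw new RuntimeException('Cannot create temporary config file');
    }
    chmod($tmp, 0600); // readable by the owning account only
    $body = '<?php return ' . var_export($config, true) . ';' . PHP_EOL;
    if (file_put_contents($tmp, $body) === false || !rename($tmp, $file)) {
        @unlink($tmp);
        throw new RuntimeException("Cannot write $file");
    }
    if (function_exists('opcache_invalidate')) {
        opcache_invalidate($file, true); // next include must see the new file
    }
    return $config[$name];
}

// Constructed demo: the second call must return the value created by the first.
$file = sys_get_temp_dir() . '/ensure_secret_demo.php';
@unlink($file);
$first = ensure_secret($file, 'RandomString');
$again = ensure_secret($file, 'RandomString');
var_dump($first === $again, strlen($first));
```

Because the function returns an existing value unchanged, it can be called at every installation step that needs the secret without rotating it midway through the install.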

Related Tasks
