Default password definition
A default password is a password that’s been preconfigured by a manufacturer or system administrator for a device or system. Usually, it’s a generic password used as a placeholder until a user sets up their personal password.
Default passwords are commonly used in routers, network switches, computer operating systems, or software applications. These passwords are documented by the manufacturer for initial access or setup purposes.
See also: botnet
The dangers of not changing the default password
Users should immediately change the default password with their own strong and unique password. Default passwords are often widely known or easily discoverable, so leaving the default password unchanged poses these risks:
- Unauthorized access. Default passwords make it easier for unauthorized individuals to gain access to devices or systems. They can then exploit this access to steal sensitive information, manipulate settings, or carry out malicious activities.
- Security vulnerabilities. Default passwords are often shared among multiple devices or systems of the same model. This means that if a vulnerability or exploit is discovered for one device, it can potentially be used to compromise other devices that still have their default passwords.
- Botnet recruitment. A botnet is a network of compromised devices that are used to carry out coordinated attacks, e.g., distributed denial-of-service. Some attackers scan the internet for devices with default passwords to build botnets.