Browse Definitions :
Definition

default password

What is a default password?

A default password is a standard preconfigured password for a device or software. Such passwords are the default configuration for many devices and, if unchanged, present a serious security risk.

Default passwords are intended to be placeholders and used only for the initial setup of hardware or after a factory reset. The user enters the password and is usually prompted to change it as part of the process, but not always.

Examples of default passwords include admin, password and guest. When vendors use these single default passwords, they can be easily found online through search or on websites that provide compiled lists. This makes them a large security risk if left unchanged.

What are default passwords used for?

Default passwords are commonly used for routers, access points, switches and firewalls. They're also common in embedded systems, industrial control systems (ICS) and remote terminal interfaces.

password hygiene shortcomings
Users often neglect password best practices in numerous ways, according to Ponemon Institute research.

Why are default passwords a security risk?

Left unchanged, default passwords provide an easy attack vector for network equipment; if the owner also connects to a corporate network, that risk extends to the business as well. An attacker who logs into a device successfully is likely to have administrative-level access. This gives them complete control over the device and any connected networks.

The risk is also severe with embedded systems and ICS security because these environments weren't originally intended to be accessible over the internet. However, given today's IoT environments, almost anything can be made available via an internet connection, and while there are many benefits to IoT connectivity, enhanced security isn't among them.

How can default passwords be mitigated?

Default passwords are a well-known security risk that can easily be mitigated by changing them to strong, unique ones.

This should be done for every device on a network, including routers, switches and access points. For more sensitive devices, such as those used in ICS security or supervisory control and data acquisition (SCADA), it's also important to change the default username.

What are the characteristics of a strong password?

The following are some characteristics of a strong password:

  • at least 8 characters long;
  • a mix of upper and lowercase letters, numbers and symbols;
  • not a dictionary word or a word that's easily guessed;
  • changed regularly; and
  • not reused on other accounts.
password vs. passphrase
Converting a common passphrase such as I have 2 Labrador retrievers! Fido and Spot into Ih2Lr!F+S is not only easy to remember, but more secure and harder to hack.

How should passwords be stored?

Passwords should be stored in a password manager. This is a piece of software that stores passwords securely, encrypting them so that they can only be accessed with a master password. A password manager can generate strong passwords and help manage different ones for various accounts.

When choosing a password manager, look for one that offers two-factor authentication (2FA) or multi-factor authentication (MFA).

As mentioned above, this adds an extra layer of security by requiring the user to confirm their identity with a second factor, such as a fingerprint, PIN or one-time code sent to their phone.

Learn how to prevent password attacks and other unauthorized threats, discover the top cybersecurity best practices to protect your business and explore five important password hygiene tips and best practices.

This was last updated in October 2022

Continue Reading About default password

Networking
  • secure access service edge (SASE)

    Secure access service edge (SASE), pronounced sassy, is a cloud architecture model that bundles together network and cloud-native...

  • NBASE-T Ethernet

    NBASE-T Ethernet is an IEEE standard and Ethernet-signaling technology that enables existing twisted-pair copper cabling to ...

  • SD-WAN security

    SD-WAN security refers to the practices, protocols and technologies protecting data and resources transmitted across ...

Security
  • cloud security

    Cloud security, also known as 'cloud computing security,' is a set of policies, practices and controls deployed to protect ...

  • privacy impact assessment (PIA)

    A privacy impact assessment (PIA) is a method for identifying and assessing privacy risks throughout the development lifecycle of...

  • proof of concept (PoC) exploit

    A proof of concept (PoC) exploit is a nonharmful attack against a computer or network. PoC exploits are not meant to cause harm, ...

CIO
HRSoftware
  • diversity, equity and inclusion (DEI)

    Diversity, equity and inclusion is a term used to describe policies and programs that promote the representation and ...

  • ADP Mobile Solutions

    ADP Mobile Solutions is a self-service mobile app that enables employees to access work records such as pay, schedules, timecards...

  • director of employee engagement

    Director of employee engagement is one of the job titles for a human resources (HR) manager who is responsible for an ...

Customer Experience
  • customer retention

    Customer retention is a metric that measures customer loyalty, or an organization's ability to retain customers over time.

  • virtual agent

    A virtual agent -- sometimes called an intelligent virtual agent (IVA) -- is a software program or cloud service that uses ...

  • chatbot

    A chatbot is a software or computer program that simulates human conversation or "chatter" through text or voice interactions.

Close