Esc
Change Default Password
Definition
Changing the default password means replacing the factory-set credentials with a strong, unique password before the device is deployed, preventing unauthorized access.
How it works
Change the default password as soon as a new device is received. The default credentials are normally documented in an instruction manual that is either packaged with the device, published online through official means, or published online through unofficial means.
Considerations
- These should be changed before a device is brought online so that an adversary cannot take advantage of these default credentials.
- Strong and complex passwords are preferred if the technology allows.
loading...
loading...
References
All
Internet Article
External Knowledge Base
The following references were used to develop the Change Default Password knowledge-base article.
(Note: the consideration of references does not imply specific functionality exists in an offering.)
CISA CPG Checklist
Reference Type: Internet Article Author: CISA
Guide to Operational Technology (OT) Security
Reference Type: Internet Article Author: NIST
MITRE ATT&CK - Password Policies
Reference Type: External Knowledge Base Author: MITRE
D3FEND™
A knowledge graph of cybersecurity countermeasures