Standard:
YALE-MSS-9.2: Utilize secure passwords for authentication
YALE-MSS-9.2.1: Change all default passwords
Low Risk Endpoint
Required
Moderate Risk Endpoint
Required
High Risk Endpoint
Required
Low Risk Server
Required
Moderate Risk Server
Required
High Risk Server
Required
Low Risk Mobile Device
Not Required
Moderate Risk Mobile Device
Not Required
High Risk Mobile Device
Not Required
Low Risk Network Printer
Required
Moderate Risk Network Printer
Required
High Risk Network Printer
Required
Details
Account defaults can make installation of an application or device easier. However, they are often public information and known to attackers. Leaving default credentials in place can result in a compromise.
All default passwords must be changed.
Examples of default passwords are "root", "administrator", "admin", "guest", and "password".
Vendor documentation may be helpful to identify default credentials.