• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Raspberry Pi Ditches Default Logins to Boost Security

You are here: Home / General Cyber Security News / Raspberry Pi Ditches Default Logins to Boost Security
April 11, 2022

The developers at the rear of Raspberry Pi have improved security by forcing end users to choose a new username and password on start-up.

Senior principal computer software engineer, Simon Prolonged, explained in a blog site put up that earlier, customers ended up equipped to hold the default username “pi.” They had been also capable to bypass a set up wizard which requested customers to pick a new password on commence-up, which would depart them with the default solution of “raspberry.”

This produced it less difficult for attackers to guess or brute drive this sort of devices.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper take secure and enxrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized seller: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


A honeypot-centered study by Bulletproof published last month claimed the login combo of “pi” and “raspberry” was amid the most well known used by malicious bots to check out and obtain equipment set up by the researchers.

If linked to a company network, Raspberry Pis could hence signify a weak connection in the cybersecurity chain.

“This is not surprising as our exploration reveals that there are nicely over 200,000 devices on the internet operating the typical Raspberry Pi OS generating it a respectable number of units to compromise,” Bulletproof claimed at the time. “As the Raspberry Pi OS ships with default credentials (un:pi/pwd:raspberry) it’s small-hanging fruit for hackers. What this tells us is that even default passwords are not currently being altered.”

According to the new setup process, the default “pi” consumer is currently being taken off, and customers will require to decide on a new title on initial boot up. The start off-up wizard will also be non-negotiable, forcing them to pick a new password just before being capable to use the gadget.

“The wizard itself is largely unchanged from right before, with the important difference remaining that when you ended up earlier prompted for a new password, you are now prompted for a user name and a password,” explained Prolonged.

“If you definitely want to, you can set these to ‘pi’ and ‘raspberry’ as before – you will get a warning information that carrying out so is unwise, but it is your selection – some program could possibly demand the ‘pi’ person, so we are not remaining completely authoritarian about this. But we actually would recommend deciding on anything else.”

There is separate guidance for people operating a headless setup.


Some parts of this article are sourced from:
www.infosecurity-magazine.com

Previous Post: «Cyber Security News FIN7 Pen Tester Gets Five Years Behind Bars

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Raspberry Pi Ditches Default Logins to Boost Security
  • FIN7 Pen Tester Gets Five Years Behind Bars
  • Microsoft’s New Autopatch Feature to Help Businesses Keep Their Systems Up-to-Date
  • Hackers Exploiting Spring4Shell Vulnerability to Deploy Mirai Botnet Malware
  • Chinese Hacker Groups Continue to Target Indian Power Grid Assets
  • Researchers Connect BlackCat Ransomware with Past BlackMatter Malware Activity
  • Northern Ireland TrustFord Sites Hit by Ransomware Gang
  • Google Play Bitten by Sharkbot Info-stealer ‘AV Solution’
  • Finland Government Sites Forced Offline by DDoS Attacks
  • #ISC2Events: Supply Chain Security is a Multifaceted Challenge

Copyright © TheCyberSecurity.News, All Rights Reserved.