• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Raspberry Pi Ditches Default Logins to Boost Security

You are here: Home / General Cyber Security News / Raspberry Pi Ditches Default Logins to Boost Security
April 11, 2022

The developers at the rear of Raspberry Pi have improved security by forcing end users to choose a new username and password on start-up.

Senior principal computer software engineer, Simon Prolonged, explained in a blog site put up that earlier, customers ended up equipped to hold the default username “pi.” They had been also capable to bypass a set up wizard which requested customers to pick a new password on commence-up, which would depart them with the default solution of “raspberry.”

This produced it less difficult for attackers to guess or brute drive this sort of devices.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


A honeypot-centered study by Bulletproof published last month claimed the login combo of “pi” and “raspberry” was amid the most well known used by malicious bots to check out and obtain equipment set up by the researchers.

If linked to a company network, Raspberry Pis could hence signify a weak connection in the cybersecurity chain.

“This is not surprising as our exploration reveals that there are nicely over 200,000 devices on the internet operating the typical Raspberry Pi OS generating it a respectable number of units to compromise,” Bulletproof claimed at the time. “As the Raspberry Pi OS ships with default credentials (un:pi/pwd:raspberry) it’s small-hanging fruit for hackers. What this tells us is that even default passwords are not currently being altered.”

According to the new setup process, the default “pi” consumer is currently being taken off, and customers will require to decide on a new title on initial boot up. The start off-up wizard will also be non-negotiable, forcing them to pick a new password just before being capable to use the gadget.

“The wizard itself is largely unchanged from right before, with the important difference remaining that when you ended up earlier prompted for a new password, you are now prompted for a user name and a password,” explained Prolonged.

“If you definitely want to, you can set these to ‘pi’ and ‘raspberry’ as before – you will get a warning information that carrying out so is unwise, but it is your selection – some program could possibly demand the ‘pi’ person, so we are not remaining completely authoritarian about this. But we actually would recommend deciding on anything else.”

There is separate guidance for people operating a headless setup.


Some parts of this article are sourced from:
www.infosecurity-magazine.com

Previous Post: «Cyber Security News FIN7 Pen Tester Gets Five Years Behind Bars
Next Post: Fraudsters Steal £58m in 2021 Via Remote Access Tools Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Freejacking Campaign By PurpleUrchin Bypasses Captchas
  • ChatGPT Used to Develop New Malicious Tools
  • Dark Web Actors Fight For Drug Trafficking and Illegal Pharmacy Supremacy
  • Kinsing Cryptojacking Hits Kubernetes Clusters via Misconfigured PostgreSQL
  • New Study Uncovers Text-to-SQL Model Vulnerabilities Allowing Data Theft and DoS Attacks
  • UK insurer announces ‘world-first’ cyber catastrophe bond
  • Why Do User Permissions Matter for SaaS Security?
  • FCC plans strict overhaul of 15-year-old US data breach regulations
  • Security updates for Windows 7 finally end, users urged to upgrade
  • Global Cyber-Attack Volume Surges 38% in 2022

Copyright © TheCyberSecurity.News, All Rights Reserved.