{"id":1129,"date":"2019-11-06T15:17:07","date_gmt":"2019-11-06T20:17:07","guid":{"rendered":"https:\/\/ndisac.org\/dev\/dibscc\/?p=1129"},"modified":"2025-05-16T13:23:58","modified_gmt":"2025-05-16T18:23:58","slug":"default-passwords","status":"publish","type":"post","link":"https:\/\/ndisac.org\/dibscc\/implementation-and-assessment\/top-10-high-value-controls\/default-passwords\/","title":{"rendered":"Default Passwords"},"content":{"rendered":"

[et_pb_section fb_built=”1″ _builder_version=”3.22″][et_pb_row _builder_version=”4.0.6″][et_pb_column type=”4_4″ _builder_version=”4.0.6″][et_pb_text admin_label=”Add Description Here” _builder_version=”4.9.2″ vertical_offset_tablet=”0″ horizontal_offset_tablet=”0″ z_index_tablet=”500″ text_text_shadow_horizontal_length_tablet=”0px” text_text_shadow_vertical_length_tablet=”0px” text_text_shadow_blur_strength_tablet=”1px” link_text_shadow_horizontal_length_tablet=”0px” link_text_shadow_vertical_length_tablet=”0px” link_text_shadow_blur_strength_tablet=”1px” ul_text_shadow_horizontal_length_tablet=”0px” ul_text_shadow_vertical_length_tablet=”0px” ul_text_shadow_blur_strength_tablet=”1px” ol_text_shadow_horizontal_length_tablet=”0px” ol_text_shadow_vertical_length_tablet=”0px” ol_text_shadow_blur_strength_tablet=”1px” quote_text_shadow_horizontal_length_tablet=”0px” quote_text_shadow_vertical_length_tablet=”0px” quote_text_shadow_blur_strength_tablet=”1px” header_text_shadow_horizontal_length_tablet=”0px” header_text_shadow_vertical_length_tablet=”0px” header_text_shadow_blur_strength_tablet=”1px” header_2_text_shadow_horizontal_length_tablet=”0px” header_2_text_shadow_vertical_length_tablet=”0px” header_2_text_shadow_blur_strength_tablet=”1px” header_3_text_shadow_horizontal_length_tablet=”0px” header_3_text_shadow_vertical_length_tablet=”0px” header_3_text_shadow_blur_strength_tablet=”1px” header_4_text_shadow_horizontal_length_tablet=”0px” header_4_text_shadow_vertical_length_tablet=”0px” header_4_text_shadow_blur_strength_tablet=”1px” header_5_text_shadow_horizontal_length_tablet=”0px” header_5_text_shadow_vertical_length_tablet=”0px” header_5_text_shadow_blur_strength_tablet=”1px” header_6_text_shadow_horizontal_length_tablet=”0px” header_6_text_shadow_vertical_length_tablet=”0px” header_6_text_shadow_blur_strength_tablet=”1px” box_shadow_horizontal_tablet=”0px” box_shadow_vertical_tablet=”0px” box_shadow_blur_tablet=”40px” box_shadow_spread_tablet=”0px”]Authenticators include passwords, cryptographic devices, biometrics, certificates, one-time password devices, and ID badges. Device authenticators include certificates and passwords. Initial authenticator content is the actual content of the authenticator (e.g., the initial password). In contrast, the requirements for authenticator content contain specific criteria or characteristics (e.g., minimum password length). Developers may deliver system components with factory default authentication credentials (i.e., passwords) to allow for initial installation and configuration. Default authentication credentials are often well known, easily discoverable, and present a significant risk.(Source)<\/a>[\/et_pb_text][et_pb_text _builder_version=”4.9.2″ _module_preset=”default” hover_enabled=”0″ locked=”off” sticky_enabled=”0″]\n\t\t\t

\n\t\t\t\t

\n\t\t