Point-of-Sale vendor has used the same admin password for 25 years

Alan Martin reports:

A major vendor of point-of-sale terminals has not changed the default passwords used on its devices in a quarter of a century, researchers have revealed at RSA 2015.

The firm was not named during the presentation by Charles Henderson and David Byrne for security reasons, but it is said to be a widely used manufacturer. Although the password can (and should) be changed, CIO reports that the researchers believed in most cases they were left as customers assumed the password – 166816 – was unique to them.

Read more on WeLiveSecurity. Also see The Register‘s coverage.

Software companies must be held liable for British economic security, say MPs
UK privacy regulator has seen ‘collapse in enforcement activity,’ rights coalition says
SEC Voluntarily Dismisses SolarWinds Litigation
Cyberattack disables Onsolve Code Red emergency alert system across St. Louis region (1)
Des Moines Man Charged with Computer Fraud
CrowdStrike catches insider feeding information to ScatteredLapsus$Hunters

Point-of-Sale vendor has used the same admin password for 25 years

Related:

1 thought on “Point-of-Sale vendor has used the same admin password for 25 years”