Are you still using the Default Admin password on every copier you install?

**SalesServiceGuy** · 04-12-2021, 06:46 PM

Re: Are you still using the Default Admin password on every copier you install?

What effect can changing the default Admin password have on used equipment purchased from a 3rd party equipment broker?

**srvctec** · 04-12-2021, 08:07 PM

Re: Are you still using the Default Admin password on every copier you install?

I've been trying to get our customers to change the default admin password for a few years but they don't want to (neither do the other techs). To me it's just common sense to change it but laziness runs deep. I'm finally getting the CE Auth turned on for most of our machines (well, until another tech just turns it off because it's too much trouble for them) because everybody else is too lazy and thinks it's just stupid. We've already had an accounting firm say they were audited and discovered default admin passwords on our equipment a few years ago so they put in their own. I've come up with our own to use on all our customer's machines if they don't want to use their own but like I said, nobody wants to remember a new one, even after being explained to about it being a security risk.

**bsm2** · 04-12-2021, 08:19 PM

Re: Are you still using the Default Admin password on every copier you install?

The problem is on some machines if you forget or change it the only way to reset it is to wipe everything on that equipment.

**tsbservice** · 04-12-2021, 08:27 PM

Re: Are you still using the Default Admin password on every copier you install?

Originally posted by srvctec

I've been trying to get our customers to change the default admin password for a few years but they don't want to (neither do the other techs). To me it's just common sense to change it but laziness runs deep. I'm finally getting the CE Auth turned on for most of our machines (well, until another tech just turns it off because it's too much trouble for them) because everybody else is too lazy and thinks it's just stupid. We've already had an accounting firm say they were audited and discovered default admin passwords on our equipment a few years ago so they put in their own. I've come up with our own to use on all our customer's machines if they don't want to use their own but like I said, nobody wants to remember a new one, even after being explained to about it being a security risk.

This is very stupid action I mean to turn off CE mode password. What a lazy techs you work with. Without CE password you cannot use Remote panel for example(very useful) plus if you need to repeatedly enter Admin and CE passwords you can use temporarily Maintenance mode.
But letting/persuading EVERY user change Admin password is huge huge task. I mean I'm all in with that but aftereffects are frightening at least. This must be charged 100% if they forget/lost their own password plus enormous efforts to find someone tells you Admin password(or input it on behalf of you) on every single account. I made remote maintenance on hundreds devices and without Admin password will have no chance to do a simple tasks not even updating the Firmware in background(outside of business hours).

**SalesServiceGuy** · 04-12-2021, 08:50 PM

Re: Are you still using the Default Admin password on every copier you install?

Originally posted by srvctec

I've been trying to get our customers to change the default admin password for a few years but they don't want to (neither do the other techs). To me it's just common sense to change it but laziness runs deep. I'm finally getting the CE Auth turned on for most of our machines (well, until another tech just turns it off because it's too much trouble for them) because everybody else is too lazy and thinks it's just stupid. We've already had an accounting firm say they were audited and discovered default admin passwords on our equipment a few years ago so they put in their own. I've come up with our own to use on all our customer's machines if they don't want to use their own but like I said, nobody wants to remember a new one, even after being explained to about it being a security risk.

The abbreviation CE Auth stands for?

"but laziness runs deep" is the key phrase. Many customers do not understand the risks of malware infecting their network.

**SalesServiceGuy** · 04-12-2021, 08:58 PM

Re: Are you still using the Default Admin password on every copier you install?

Originally posted by bsm2

The problem is on some machines if you forget or change it the only way to reset it is to wipe everything on that equipment.

One way to get around this is to subscribe for a fee to a service like Password Manager for Families, Businesses, Teams | 1Password where every password is recorded behind one password to enter the site.

**SalesServiceGuy** · 04-12-2021, 09:02 PM

Re: Are you still using the Default Admin password on every copier you install?

If a copier is protected by a default User Name and a password, is it necessary to change both the User Name and the Password or just the password?

**KenB** · 04-12-2021, 10:09 PM

Re: Are you still using the Default Admin password on every copier you install?

Originally posted by SalesServiceGuy

The abbreviation CE Auth stands for?

"but laziness runs deep" is the key phrase. Many customers do not understand the risks of malware infecting their network.

**copier tech** · 04-13-2021, 10:14 AM

Re: Are you still using the Default Admin password on every copier you install?

Originally posted by SalesServiceGuy

I know it is easier to leave the default Admin password on every copier/printer you install the same.

Copier/Print manufacturers have invested $$$ in making their devices more secure but this can all be easily defeated by Googling common device passwords like "Admin/ 123456".

Many low end print devices do not even have an Admin password enabled. It is there but requires a little extra effort to enable.

Are you making life easier for hackers to attack your customer with Ransomware?

Ransomware attacks are escalating around the world with high $ demanded and potentially crippling consequences.

No one expects you to rush out and change all of the default passwords in your care but if your client has a 3rd party security audit performed, any default password will be immediately flagged as a risk.

I know there are lots of free methods to record your new passwords but how would you plan to implement this over 100's of print devices in your care?

Yes leave them as the factory default.

If a hacker has managed to gain access to the customers network they wont be interested in the copier, more their server.

**BillyCarpenter** · 04-13-2021, 10:42 AM

Re: Are you still using the Default Admin password on every copier you install?

Originally posted by copier tech

Yes leave them as the factory default.

If a hacker has managed to gain access to the customers network they wont be interested in the copier, more their server.

I don't have a dog in this race but I think the counter argument would be "what documents are stored on the hard drive of the copier"? Tax returns? Personal info? Hackers like to go for the low hanging fruit.

**BillyCarpenter** · 04-13-2021, 01:09 PM

Re: Are you still using the Default Admin password on every copier you install?

Originally posted by SalesServiceGuy

I know there are lots of free methods to record your new passwords but how would you plan to implement this over 100's of print devices in your care?

Why would you need a different password for each machine if the objective is to keep a hacker from finding the default password on google? Couldn't you change to the password and use the same one for all machines?

**KYO_OEM** · 04-13-2021, 02:45 PM

Re: Are you still using the Default Admin password on every copier you install?

@Billy,

KDC is not sleeping.
California IoT Security Act SB 327 Enclosed new security rule for next generation of Iris (TaskAlfa 2554ci, etc..)If "older" systems get this "modification", i don`t know at the moment.
new security settings.JPG

**BillyCarpenter** · 04-13-2021, 03:17 PM

Re: Are you still using the Default Admin password on every copier you install?

Originally posted by KYO_OEM

@Billy,

KDC is not sleeping.
California IoT Security Act SB 327 Enclosed new security rule for next generation of Iris (TaskAlfa 2554ci, etc..)If "older" systems get this "modification", i don`t know at the moment.
[ATTACH=CONFIG]48899[/ATTACH]

Thanks KYO. You always provide the correct answer.

**SalesServiceGuy** · 04-13-2021, 05:36 PM

Re: Are you still using the Default Admin password on every copier you install?

Originally posted by BillyCarpenter

Why would you need a different password for each machine if the objective is to keep a hacker from finding the default password on google? Couldn't you change to the password and use the same one for all machines?

... that would be a violation of a Security audit. Each network device must have a different password.

Are you still using the Default Admin password on every copier you install?

Are you still using the Default Admin password on every copier you install?

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment