Unless you have other compensating controls in place. We just placed several MFP's with a regulated customer, all of them have the same admin credentials but the web interface is only available from a single administrative system that is accessible via AD by specific staff, anyone else who tries to log in is blocked by Group policy.
Yes, you could use the credentials from the machine's op panel, but at that point you're not getting very far since the machines can only talk to two internal servers, and those are configured using Windows authentication which isn't directly accessible from either the web interface or the machine itself.
It all depends on how granular you want to get, and even in smaller environments we may set up different admin accounts for different functions.
Overall, we definitely do NOT use the default passwords on any MFP. We will set one just for our staff for customer machines so that there is a fallback if they forget their password, but only two of our staff have access to those, and if it gets used for a specific machine, we will change it on the next service visit.
Bookmarks