Raspberry Pi OS removes default user to prevent brute force

by Emma Davis
April 12, 2022
Raspberry PiOS
Written by Emma Davis

The Raspberry Pi developers have updated their OS by removing the default user, pi, from it. This measure is designed to make it harder for attackers to hack into devices accessible via the Internet using brute force and default credentials.

Now, when installing the OS, the user will be prompted to create an account by selecting a username and password, although before the installer only requested the user’s password.

You can no longer skip this step, whereas previously you could click Cancel and use the default credentials: pi/raspberry. Although users will still be able to use pi/raspberry as their login and password, the system will warn them that this is not a smart choice.

Raspberry PiOS

We are not getting rid of the pi user in existing installations. We do not discourage anyone from using pi and raspberry as username and password on a fresh install. We’re just helping people who care about security not to have the default pi user. People have been asking for this for a long time.said clinic representatives

The first time user boots the Raspberry Pi OS Lite image, he will also be prompted to create a new account. If he needs to run a headless version of the Raspberry Pi, he can set a username and password before booting the OS (in the Settings dialog before burning the image) or by adding a userconf file to the boot partition containing credentials in the format username:encrypted-password.

It’s not such a vulnerability, because just knowing the username won’t help much if someone wants to hack into your system. In addition, they will need to know your password, and you will need to first allow some forms of remote access. However, this potentially makes it easier to brute force, and in response to this, some countries are now introducing laws that prevent any device connected to the Internet from using default login credentials.the developers write.

Let me remind you that we also Western Digital My Cloud OS Fixes Critical Vulnerability, and also that Apple leaves critical bugs unpatched in macOS Big Sur and Catalina.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Emma Davis

I'm writer and content manager (a short time ago completed a bachelor degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.

View all posts

Leave a Reply

Sending