Fix this Meraki! - Blank 'admin' password allowed for 'my.meraki.com'. ???

PeterJames
Head in the Cloud

Fix this Meraki! - Blank 'admin' password allowed for 'my.meraki.com'. ???

Hi Meraki,

Why is this even allowed?

 

If you enable either one of these features, the interface should force you to set an 'admin' password.

 

Crazy.PNG


Thank you,
Peter James

4 Replies 4
BHC_RESORTS
Head in the Cloud

Security should always be your focus - we ALWAYS change defaults. Edit: If you don't set a password, it is the serial number of the device. So not exactly blank, but weak.

BHC Resorts IT Department
Chris_M
Getting noticed

The onus to provide security of the devices falls on you, the administrator. Meraki provides security over what they control, the cloud. So its up to you, to set up the default password for device login when they pull configurations from the cloud. The serial number can be gotten from the dashbord or from the hardware device, thus requiring you to physically secure your device, which is your responsibility, nothing Meraki can do about.

 

However, a reminder for setting password is a good idea.


Find my post helpful? Please give me a kudo!
CCNP Certified and Meraki Operator
Mr_IT_Guy
A model citizen

Every single network device I've used always comes with a default user name and password. During initial setup, we change this password to something more secure. Setting up the Meraki device username/password is no different than on a HP. If YOU don't change it, there's a default that anyone could use if they know where to look.

Found this helpful? Give me some Kudos! (click on the little up-arrow below)
PeterJames
Head in the Cloud

@Mr_IT_Guy @Chris_M @BHC_RESORTS Thanks all.

This is exactly what I have done and do completely agree! I just don't think it being able to have it blank is a very good design. I've seen this implemented on other systems where you can unlock it to blank for 15-30 minutes.

 

Admittedly I found this on a network I did not setup, which obviously prompted me to check all our networks.


Thank you,
Peter James

Get notified when there are additional replies to this discussion.