The onus to provide security of the devices falls on you, the administrator. Meraki provides security over what they control, the cloud. So its up to you, to set up the default password for device login when they pull configurations from the cloud. The serial number can be gotten from the dashbord or from the hardware device, thus requiring you to physically secure your device, which is your responsibility, nothing Meraki can do about.
However, a reminder for setting password is a good idea.
Find my post helpful? Please give me a kudo!
CCNP Certified and Meraki Operator