“pi” no more: Raspberry Pi OS ditches longtime user account for security reasons

The Pi OS is getting a new setup wizard to help it shed its old username.

Enlarge / The Pi OS is getting a new setup wizard to help it shed its old username. (credit: Raspberry Pi Foundation)

Since its launch, the Raspberry Pi OS (and most operating systems based on it) has shipped with a default "pi" user account, making it simpler to boot up a Pi and start working without needing to hook up the device to a monitor or go through a multi-step setup process. But as of today, that's changing—new installs of the Raspberry Pi OS are shedding that default user account for both security and regulatory reasons.

Raspberry Pi Foundation software engineer Simon Long explains the thinking in this blog post.

"[The "pi" user account] could potentially make a brute-force attack slightly easier, and in response to this, some countries are now introducing legislation to forbid any Internet-connected device from having default login credentials," he writes.

Read 5 remaining paragraphs | Comments



from Tech – Ars Technica https://ift.tt/VAk43J6

Comments