by Colm Murphy - Technical Director of Espion - Monday, 1 September 2007.
There are resources available on the Internet that allows you to audit your network devices and software applications. This should be performed as part of your yearly audit schedule. A simple Google search for 'default password list' yields hundreds of sites that claim to have the most comprehensive database of default passwords. One of the oldest, and still reliable, can be found here
. It makes for some interesting reading and is regularly updated.
Whatever the organization, whatever the choice of software or hardware vendor, the default password is likely to raise its ugly head from time to time. Be proactive and get scanning. You will be amazed at what you may find.