"Jeffrey I. Schiller" <jis@MIT.EDU> writes:
An option I saw years ago (I forgot on whose equipment) was a default password which was a function of the equipment's serial number. So you had to have the algorithm and you needed the serial number which was not related to the MAC. So if you didn't have physical access, you were not in a good position to learn the password.
I suspect this was a support nightmare for the vendor and I bet they went to a more standard (read: the same) factory password.
Another class of devices, but the Compaq OOM management cards for servers ("RILOE") used to do this. Really nice when the serial number is placed on a sticker on a PCI card... You would usually have to shut down the server and pull out the card to read the sticker. Unless it had fallen off. Did I mention that the cards had a number of stickers with similar numbers on them with no indication which was the real serial number? Well, I'm not going to claim this was the reason why there is no Compaq anymore, but it must have cost them *a lot* in support and frustrated users. For what passible gain? It was still a default password, just a tiny bit more obscure. Bjørn