uOS 1.38-Hardening Admin Security: Disabling the Default Admin Account
Zyxel Employee
Securing Administrative Access: Disabling the Default Admin
To mitigate the risk of brute-force attacks, Zyxel now allows administrators to disable the default "admin" account on H series firewalls.
Safe Disabling and Safeguards
The default "admin" username is a frequent target for automated attackers. Administrators can now toggle this account to "Disabled" under User & Authentication settings.
To prevent accidental lockout, the system requires that at least one other active administrator-level account exists before the default account can be disabled.
Emergency Recovery Mechanism
If access is lost, a hardware-level recovery is available. By entering debug mode during the boot process and executing the command: atkz -g, the firewall will re-enable the default admin account and reset its password to factory defaults while keeping all other startup configurations and user accounts intact.
Categories
- All Categories
- 442 Beta Program
- 3K Nebula
- 229 Nebula Ideas
- 130 Nebula Status and Incidents
- 6.6K Security
- 661 USG FLEX H Series
- 359 Security Ideas
- 1.8K Switch
- 86 Switch Ideas
- 1.4K Wireless
- 56 Wireless Ideas
- 7.1K Consumer Product
- 305 Service & License
- 497 News and Release
- 95 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 5K FAQ
- 34 Documents
- 89 About Community
- 110 Security Highlight