szmoore
commented
11 years ago Not only are they listed in publicly accessible pages, they are also ridiculously easy to crack. This is fine for testing purposes, but if no one remembers to change them and it ends up on UWA's network then you will have an infected server within minutes.
Eg: Username and password for ssh login.
If the system is deployed on UWA's network, these MUST, I repeat MUST, be changed. For blindingly obvious reasons.