I recently purchased a CRS328-24P-4S+ which allowed login originally but now fails after a reset to default config.
The unit was tested and the hardware appears to be fine. After testing the unit was reset to default config. After the reset login using the default of admin with a blank password fails.
Using Netinstall to load 6.49.7 or 7.6 WITH default config also fails using the default of admin with a blank password.
Using Netinstall to load 6.49.7 or 7.6 WITHOUT a default config eventually allows access but of course there is no configuration.
Is there any other default “admin” and “password” comgination?
Is there any way to clear any password that seems to be surviving a Netinstall or reset to default config?
Hello,
I just went thought the same process on brand new C53UiG+5HPaxD2HPaxD – combination of admin and empty password is not working for me either. I tried the same process as KB23 and have the same results. I also tried connecting to default WiFi Mikrotik-* using SN as password and it doesn’t work
EDIT: I just found the small drawer on the back of ax3 that has both the password to the RouterOS and to the WIFI
WTF is going on, I have exactly the same issue with my new C53UiG+5HPaxD2HPaxD (hap ax3).
The device came with 7.6 pre-installed and login was not possible with admin / empty.
No - there’s no sticker on the device or in the package indicating a changed default password. The manual also states that it’s admin with an empty password.
I even netinstalled the device using the latest 7.7rc4 with default config option checked - same issue. Tried winbox / webfig and mac telnet from another router.
I’ll try netinstall again without a default configuration.
How can this pass QA?..
Works without default config
@holvoetn , have your password vault updated with all those passwords!
Your devices are just as far away as mine.
I can recover any device remotely, also after someone (students?) has pressed the hardware reset (*).
But if that new ‘printed on the label’ password is activated that way, I might be locked out, if not documented at home.
(*) reset sequence is now a combination of mode and reset button, to avoid unintended user initiated reset or “protected routerboot lockout with need to netinstall”.
Passwords on “CUBE 60 ac” are modified now, but reset by button might bring the labeled password back. (And devices are installed rather low in the street)
Always a problem: security setup, there is no easy solution to make it tamper proof on one hand, but still allow to reset (as a backdoor), if the device is remote.
Wonder if discussions on the need to reset the blank password at first power on, or you lose access later as seen in this forum with some releases, is related to this post.
Release notes 6.49 … (probably not this one)
*) user - added “expired” user status with suggestion to change password (WinBox v3.29 required);
*) user - show “expiredpassword” prompt for users with blank password;
After a bit of back and forth with Mikrotik support it turns out that my CRS328-24P-4S+ had a post reset password installed out of the factory but it did NOT have a password label.
Support was able to provide the password.
So there may be more equipment making it into the field with the same problem.
This new “feature” could be a real problem for us. Gear often being installed in rather hard to reach places.
I just tried to setup a brand new CRS328-24P-4S+ and indeed after a netinstall of the new routeros 7.7 I can no longer login into it. I’ve noticed some advice on the net that the password might be serial number in reverse but that does not work either.
How long did it take to get this solved with support? @KB23
Honestly I’m tempted to just ship it back. This is eating way too much time.
So it seems I managed to get it to work by providing no default setup and placing in an IP address in Netinstall app. After deploying 7.7 like this and opening 192.168.88.1 in browser (that’s what I put in the Netinstall ip address field) it popped a screen saying the password was expired and accepted blank as old password. After finishing the configure step I was able to login into it!
Would it be possible to guess the default password printed in the sticker?
I have an automated process to change some configuration for my new devices. I need to be able to access the router as soon as I take it out of the box. With this “new random password”, I’m not longer capable of that.
I don’t know if any of you has any clue of how these default passwords are generated (maybe a hash or combination of serial number and MAC addresses?). Any help is appreciated.
As far as I know it’s entirely random (and it SHOULD be !).
First thing you need to do from here on is to complete a list with MAC address and password. It’s on the same label.
I too ran into this issue w/ a new RB4011iGS today and spent an unnecessary amount of time chasing a friggin squirrel for no good reason! I’ve only worked with Mikrotik for 15yrs. If I missed an announcement, shame on me. Otherwise, WTH? Mikrotik has every right to alter their products as they see fit. But it doesn’t mean it makes sense. Why wasn’t it good enough to force a password change on a new/factory reset boot? I welcomed that change, but #!&^#$ Just saying…
