I have a pocket mAP Lite, occasional technical use, without passwords. My friend has a stack of spare MT units for replacement. They are booted only for DOA checking. If it's 6..49.2, will he be locked out when the device needs to be deployed?
I understand what your getting at but that would mean, assuming your mAP Lite makes auto connection to your VPN, someone getting that device into his/her hands does get access to your network as well ?
Convenience has been left outside the door already decades ago as far as security is concerned.
I have ZERO devices under my control where no password is applied if a password can be set. And bar 2 exceptions (2 "lab" devices which do not leave my home office), all unique passwords. That's what a password manager is for.
Not those yellow sticky notes on the side of a monitor ...
As for DOA replacement devices, very first thing to do once these devices get deployed, is to set a suitable password, no ?
It does not make sense to boot them only to see if they can boot ? That only increases the risk they will effectively not boot anymore (HW works like that, deteriorates every power cycle. Marginally, yes, but each cycle increases risk of failure)