Reading the Axis exploit prompted me to admit that I am guilty of leaving defaults for many of my smaller customers, particularly when they are on a closed LAN. I'm sure you like I have had customers come in and change the admin password, then forget it or that key employee left and no one knows what it is. I'm very open to a system that would be more secure passwords yet not cumbersome to implement nor vulnerable to forgetting what I changed it to.
Now that HIK is mandating longer more complex passwords, it's easy to do just that. Just the other day I tried to log into a small 4 channel IP NVR that I created some unique 8 character password when I installed it and for the life of me I can't remember it. Going to have to go through the reset process to access it.
I wish the manufacturer could set up a secure web site where the device could resend it's password via a secure connection and the integrator could retrieve it.