IP Cameras Default Passwords Directory

Author: Ethan Ace, Published on May 28, 2016

Finding an IP camera's default password can be tedious or aggravating. And keeping up with changes in newer firmwares can be difficult, especially for occasional users.

With that in mind, we have gathered this list of IP camera manufacturers and their default usernames and passwords to help users get started more quickly. After the list, we discuss recent changes by manufacturers as well as password security issues.

[Don't miss downloading our free IP video surveillance book.]

Manufacturer List

For each manufacturer, we list the username first and pasword section in the following format: username/password. Where manufacturers have multiple defaults, or differences in newer/older firmwares, we have noted it:

  • ACTi: admin/123456 or Admin/123456
  • American Dynamics: admin/admin or admin/9999
  • Arecont Vision: none
  • Avigilon: Previously admin/admin, changed to Administrator/<blank> in later firmware versions
  • Axis: Traditionally root/pass, new Axis cameras require password creation during first login (though root/pass may be used for ONVIF access)
  • Basler: admin/admin
  • Bosch: None required, but new firmwares (6.0+) prompt users to create passwords on first login
  • Brickcom: admin/admin
  • Canon: root/camera
  • Cisco: No default password, requires creation during first login
  • Dahua: admin/admin
  • Digital Watchdog: admin/admin
  • DRS: admin/1234
  • DVTel: Admin/1234
  • DynaColor: Admin/1234
  • FLIR: admin/fliradmin
  • FLIR (Dahua OEM): admin/admin
  • Foscam: admin/<blank>
  • GeoVision: admin/admin
  • Grandstream: admin/admin
  • Hikvision: Previously admin/12345, but firmware 5.3.0 and up requires unique password creation
  • Honeywell: admin/1234
  • Intellio: admin/admin
  • IQinVision: root/system
  • IPX-DDK: root/admin or root/Admin
  • JVC: admin/jvc
  • March Networks: admin/<blank>
  • Mobotix: admin/meinsm
  • Northern: Previously admin/12345, but firmware 5.3.0 and up requires unique password creation
  • Panasonic: Previously admin/12345, but firmware 2.40 requires username/password creation
  • Pelco Sarix: admin/admin
  • Pixord: admin/admin
  • Samsung Electronics: root/root or admin/4321
  • Samsung Techwin (old): admin/1111111
  • Samsung (new): Previously admin/4321, but new firmwares require unique password creation
  • Sanyo: admin/admin
  • Scallop: admin/password
  • Sentry360 (mini): admin/1234
  • Sentry360 (pro): none
  • Sony: admin/admin
  • Speco: admin/1234
  • Stardot: admin/admin
  • Starvedia: admin/<blank>
  • Trendnet: admin/admin
  • Toshiba: root/ikwd
  • VideoIQ: supervisor/supervisor
  • Vivotek: root/<blank>
  • Ubiquiti: ubnt/ubnt
  • W-Box: admin/wbox123
  • Wodsee: admin/<blank>

If we have missed something or made errors, please comment and we will add/fix it.

Trend Toward Strong Passwords

Several manufacturers, including Hikvision, Samsung, and Panasonic, have begun to require unique passwords by default, with most requiring a mix of upper and lowercase letters, numbers, and special characters.

Others do not require unique passwords, but prompt users to set strong passwords when logging into the camera. For example, Bosch displays this message when logging into cameras using firmware 6.20 and above:

Get Video Surveillance News In Your Inbox
Get Video Surveillance News In Your Inbox

Readers should see our IP Camera Passwords Report for more information on these manufacturers and methods.

Using Default Passwords

The use of default passwords in production systems is considered poor practice. At the very least, all surveillance network devices, including cameras, clients, and servers, should be changed from the defaults with strong passwords, documented in a secure location. This prevents access to the network using simple password guessing, requiring a more skilled attacker and more complex methods.

However, there are many who still claim default passwords are fine, especially if the surveillance system is on a dedicated network, without access to other client systems. Doing so may also make it easier for techs to access cameras, but anyone with access to the network (authorized or not) may use the default password to access cameras.

Readers should see our Network Security for IP Video Surveillance Guide 2016 for more information on passwords and other security measures.

[Note: This post was originally published in 2012 but was substantially revised and updated with new camera information and changes in default password approach for 2016.]

5 reports cite this report:

Arecont and Bosch - Default Security Risk on Dec 14, 2015
Default passwords are a major security risk, enabling hackers around the world to access and control devices like IP cameras (using Shodan, turning...
Axis Cybersecurity Hardening Guide Examined on Nov 19, 2015
In most IT areas, 'hardening' guides are commonplace, providing best practices for improving the cybersecurity of network products (e.g., see this...
IP Camera Trolling - Cybersecurity Showcase on Nov 09, 2015
If you want to convince your customers about the importance of cybersecurity and the risk of being the next Hikvision, Foscam or Trendnet, show...
New ONVIF Profile Q Aims To Change Discovery and Default Passwords on Jan 13, 2015
ONVIF is gearing up to release a new profile, called Q. They market it as providing "quick configuration and installation, providing innate...
IP Camera Passwords - Axis, Dahua, Samsung on Oct 15, 2014
IP cameras are famous / infamous for weak default passwords that can lead to major problems. See our IP Cameras Default Passwords Directory for...

Most Recent Industry Reports

"WTF?!?!? Who is Brian Karas?!?" Exclaims Knightscope on Oct 21, 2016
Knightscope co-founder Stacy Stephens emailed us: He may not have intended to send it us and he probably can figure out who Brian Karas is,...
Security Consultants Speak Episode 1 - Protus3 on Oct 21, 2016
This is a first of a series of conversations with security consultants. If you are a security consultant that wants to talk and can share frank...
Sony and Samsung Breaking VBR on Oct 21, 2016
For years, users have known variable bitrate (VBR) as one thing only: bandwidth varies, compression stays the same. This is not an accident but an...
Pelco Matrix End Of Life - End Of An Era on Oct 20, 2016
Pelco Matrix switchers, once the pinnacle of large SD analog installations, are now literally impossible to build. The Matrix products were not...
Axis Video Revenue Down on Oct 20, 2016
An important milestone. Axis revenue for video products is down year over year. But Axis is now focusing on 'diversification'. In this report, we...
Worst Access Control 2016 on Oct 19, 2016
Two access control providers stood out as being the worst to work with for integrators. In this report, we analyze the answers to: "In the past...
Hacked DVRs Surge To 400,000 on Oct 19, 2016
The global internet is under attack from record breaking botnets. And it is getting worse, Mirai doubled in size in the last month. Shamefully,...
Longse Rips Off Hikvision on Oct 19, 2016
Longse is on the attack, and now they are targeting Hikvision. Evidently not content just to rip off Milestone and Video Insight, Longse has now...
China "Unswerving Leadership Over State-Owned Enterprises" Like Hikvision on Oct 18, 2016
The PR agency of the Chinese government declared: President Xi Jinping stressed the Communist Party of China's (CPC) unswerving leadership over...
Move Aside Cisco, Axis Has A Network Switch For Integrators on Oct 18, 2016
Cisco is a common choice for network switches, including in our Favorite Network Switches survey, but now Axis is releasing a 16 port PoE+ switch...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact