IP Cameras Default Passwords Directory

Author: Ethan Ace, Published on May 28, 2016

Finding an IP camera's default password can be tedious or aggravating. And keeping up with changes in newer firmwares can be difficult, especially for occasional users.

With that in mind, we have gathered this list of IP camera manufacturers and their default usernames and passwords to help users get started more quickly. After the list, we discuss recent changes by manufacturers as well as password security issues.

[Don't miss downloading our free IP video surveillance book.]

Manufacturer List

For each manufacturer, we list the username first and pasword section in the following format: username/password. Where manufacturers have multiple defaults, or differences in newer/older firmwares, we have noted it:

  • ACTi: admin/123456 or Admin/123456
  • American Dynamics: admin/admin or admin/9999
  • Arecont Vision: none
  • Avigilon: Previously admin/admin, changed to Administrator/<blank> in later firmware versions
  • Axis: Traditionally root/pass, new Axis cameras require password creation during first login (though root/pass may be used for ONVIF access)
  • Basler: admin/admin
  • Bosch: None required, but new firmwares (6.0+) prompt users to create passwords on first login
  • Brickcom: admin/admin
  • Canon: root/camera
  • Cisco: No default password, requires creation during first login
  • Dahua: admin/admin
  • Digital Watchdog: admin/admin
  • DRS: admin/1234
  • DVTel: Admin/1234
  • DynaColor: Admin/1234
  • FLIR: admin/fliradmin
  • FLIR (Dahua OEM): admin/admin
  • Foscam: admin/<blank>
  • GeoVision: admin/admin
  • Grandstream: admin/admin
  • Hikvision: Previously admin/12345, but firmware 5.3.0 and up requires unique password creation
  • Honeywell: admin/1234
  • Intellio: admin/admin
  • IQinVision: root/system
  • IPX-DDK: root/admin or root/Admin
  • JVC: admin/jvc
  • March Networks: admin/<blank>
  • Mobotix: admin/meinsm
  • Northern: Previously admin/12345, but firmware 5.3.0 and up requires unique password creation
  • Panasonic: Previously admin/12345, but firmware 2.40 requires username/password creation
  • Pelco Sarix: admin/admin
  • Pixord: admin/admin
  • Samsung Electronics: root/root or admin/4321
  • Samsung Techwin (old): admin/1111111
  • Samsung (new): Previously admin/4321, but new firmwares require unique password creation
  • Sanyo: admin/admin
  • Scallop: admin/password
  • Sentry360 (mini): admin/1234
  • Sentry360 (pro): none
  • Sony: admin/admin
  • Speco: admin/1234
  • Stardot: admin/admin
  • Starvedia: admin/<blank>
  • Trendnet: admin/admin
  • Toshiba: root/ikwd
  • VideoIQ: supervisor/supervisor
  • Vivotek: root/<blank>
  • Ubiquiti: ubnt/ubnt
  • W-Box: admin/wbox123
  • Wodsee: admin/<blank>

If we have missed something or made errors, please comment and we will add/fix it.

Trend Toward Strong Passwords

Several manufacturers, including Hikvision, Samsung, and Panasonic, have begun to require unique passwords by default, with most requiring a mix of upper and lowercase letters, numbers, and special characters.

Others do not require unique passwords, but prompt users to set strong passwords when logging into the camera. For example, Bosch displays this message when logging into cameras using firmware 6.20 and above:

Sign Up for the IPVM Newsletter
Sign Up for the IPVM Newsletter

Readers should see our IP Camera Passwords Report for more information on these manufacturers and methods.

Using Default Passwords

The use of default passwords in production systems is considered poor practice. At the very least, all surveillance network devices, including cameras, clients, and servers, should be changed from the defaults with strong passwords, documented in a secure location. This prevents access to the network using simple password guessing, requiring a more skilled attacker and more complex methods.

However, there are many who still claim default passwords are fine, especially if the surveillance system is on a dedicated network, without access to other client systems. Doing so may also make it easier for techs to access cameras, but anyone with access to the network (authorized or not) may use the default password to access cameras.

Readers should see our Network Security for IP Video Surveillance Guide 2016 for more information on passwords and other security measures.

[Note: This post was originally published in 2012 but was substantially revised and updated with new camera information and changes in default password approach for 2016.]

5 reports cite this report:

Arecont and Bosch - Default Security Risk on Dec 14, 2015
Default passwords are a major security risk, enabling hackers around the world to access and control devices like IP cameras (using Shodan, turning...
Axis Cybersecurity Hardening Guide Examined on Nov 19, 2015
In most IT areas, 'hardening' guides are commonplace, providing best practices for improving the cybersecurity of network products (e.g., see this...
IP Camera Trolling - Cybersecurity Showcase on Nov 09, 2015
If you want to convince your customers about the importance of cybersecurity and the risk of being the next Hikvision, Foscam or Trendnet, show...
New ONVIF Profile Q Aims To Change Discovery and Default Passwords on Jan 13, 2015
ONVIF is gearing up to release a new profile, called Q. They market it as providing "quick configuration and installation, providing innate...
IP Camera Passwords - Axis, Dahua, Samsung on Oct 15, 2014
IP cameras are famous / infamous for weak default passwords that can lead to major problems. See our IP Cameras Default Passwords Directory for...

Most Recent Industry Reports

ONVIF Profile G Video Storage Test on Aug 26, 2016
A standard to retrieve video stored on 3rd party devices. This is the aim of ONVIF Profile G. The proprietary nature of accessing recorded video...
Viakoo Health Monitoring Examined on Aug 26, 2016
Viakoo, the company of ex-Intransa leaders, says they have created a monitoring tool for security networks that is easy to deploy and offers...
Genetec Access Control Security Center 5.5 Release on Aug 26, 2016
Inside, we examine Genetec's new Access Control features in Security Center 5.5. Enhanced Active Directory and 'Universal Groups' New, Single...
Tailgating - Access Control Tutorial on Aug 25, 2016
Despite costing thousands of dollars per door, electronic access control systems are vulnerable to an easy exploit called 'tailgating'. Unless this...
Manufacturer Trade Show Costs Analyzed - Spending Millions on Aug 25, 2016
Ten million dollars plus is spent by manufacturers at every major trade show (e.g., ISC West, ASIS, IFSEC, Essen, etc.) And the bigger booths...
Axxon Next VMS 4.0 Tested on Aug 24, 2016
AxxonSoft is one of the biggest VMS vendors (reporting 263,000 channels sold in 2015), especially strong in their home market of Russia, but not...
Milestone Declares End-To-End Is A Dead-End on Aug 24, 2016
While Axis celebrates their end to end system win at top 50 global retailer H&amp;M, their Canon sister company Milestone is proclaiming that...
Hikvision 20% Price Cut Twice In A Month on Aug 23, 2016
Days after celebrating the Chinese government's commitment of up to $3 billion USD more in funding, Hikvision USA is now launching up to 20% across...
HD Analog DVRs With Exacq, Milestone and Genetec VMSes Tested on Aug 23, 2016
HD analog offerings have proven to deliver HD video at radically lower prices. However, the main limitation for professional applications is their...
1 New Acquisition Per Year Planned for Qognify (Former Nice Security) on Aug 23, 2016
Want to be acquired? Qognify, the former Nice Security Group, has big money behind it and the plans for multiple acquisitions. In this note, we...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact