Beware the default password
The default password exists to allow an administrator initial access, for setup and configuration, and you are generally forced, or at least you should be, to change the password to something more complicated as the configuration advances. Unfortunately, this is not a step that everyone takes.
Re: Beware the default password
There is a website that publishes default passwords for all kinds of hardware, routers included. I like Cisco's approach. You can reset any password entered into one of their routers but you can only do so from the console port, which requires physical access. When we used the Cisco 2600 routers at the college I graduated from, there were some students from other courses that, in violation of what the instructors had told them, put proprietary passwords(instead of the generic ones we were supposed to use) on the routers which prevented anyone else from using them. They were supposed to save the running configuration and copy and paste it when they used the router but did this instead. As a result, we would have to reset the password, using a procedure that was posted on Cisco's website, in order to use them. It worked and wiped out any saved configuration so you could start from scratch.