Raspberry Pi Default Password Guide: New Setup, Changes, and Security Tips

Oct 30, 2024

The Raspberry Pi does not have a "default" password anymore, as newer Raspberry Pi OS releases (starting with Raspberry Pi OS Bullseye, 2022) require users to create a custom password during the initial setup. However, for older versions of Raspberry Pi OS (before this change), the default credentials were:
● Username: pi
● Password: raspberry

New Setup Process (Post-2022):

IMPORTANT: User sets the username and password during the first boot, ensuring better security.

Setting Password via Raspeberry Pi Imager

1.Select the OS and SD Card, clic Next
2.Select “Edit Settings”

3.Go to General Tab and check “Set Username and password”
4.Enter a username and password that we want to use as the default credentials for the Raspberry Pi.

Changing Password via Terminal

Option with Command ‘passwd’ 
1.Open a terminal and run: passwd

Enter the current password and then change it with a new password.

Option with Command ‘raspi-config’

1.Open a terminal and run: sudo raspi-config

2.Select System Options and the option S3: Password

Enter the current password and then change it with a new password.

Changing Password via GUI

1.Go to Menu – Preferences: Raspberry Pi Configuration
2.On System tab, clic on “Change Password”

Resetting Forgotten Password

If we've forgotten the password on a Raspberry Pi, we can reset it by following these steps:

1.Turn off the Raspberry Pi and remove the microSD card.

2.Insert the microSD card into another computer (e.g., using an SD card reader).

3.Open the SD card’s “boot” partition on the other computer. Look for the file named `cmdline.txt`.

4.Edit `cmdline.txt`:

Open `cmdline.txt` in a text editor.

Add `init=/bin/sh` at the end of the single line of text. Do not add any line breaks. The line should look something like this:

dwc_otg.lpm_enable=0 console=serial0,115200 console=tty1 root=PARTUUID=XXXX-XXXX rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait init=/bin/sh

5.Save and close the file, then safely eject the microSD card and put it back in the Raspberry Pi.

6.Boot the Raspberry Pi: After it starts up, it will load directly into a root shell without needing a password.

7.Remount the filesystem as writable:
Type the following command to make the filesystem writable:
mount -o remount,rw /

8.Reset the password:
Use the `passwd` command to change the password for the `pi` user (or another username if you’re using a different one):
passwd pi

9.Revert the changes in `cmdline.txt`:
Shut down the Raspberry Pi, remove the microSD card, and put it back into the other computer.
Open `cmdline.txt` and delete the `init=/bin/sh` part you added.
Save the file and safely eject the microSD card.

10.Boot the Raspberry Pi normally: It should now boot with the new password.

Security Best Practices

Steps for SSH Key-Based Authentication

1.Generate SSH Keys on your Local Machine

If you don’t already have an SSH key pair, generate one on your computer:
ssh-keygen -t rsa -b 4096 -C "example_your_name"
● -t rsa: Specifies the type of encryption (RSA is commonly used).
● -b 4096: Sets the key length to 4096 bits, which is more secure.
● -C: Adds a label, like your email, for identification.

When prompted, specify a file location to save the key (default location is usually `~/.ssh/id_rsa`) and choose whether to add a passphrase for additional security.

(Example with Windows)

2.Copy the SSH Public Key to the Raspberry Pi

Once your SSH key pair is ready, copy the public key to your Raspberry Pi. Replace `pi` with your Raspberry Pi username and `your_pi_ip_address` with the Raspberry Pi’s IP address:

● Linux Computer, open a Terminal
ssh-copy-id pi@your_pi_ip_address
● Windows Computer, open a CommandLine
type $env:USERPROFILE\.ssh\id_rsa.pub | your_pi_ip_address "cat >> .ssh/authorized_keys"

This command will prompt you to enter the Raspberry Pi’s password (for the last time). It appends your public key to the `~/.ssh/authorized_keys` file on your Raspberry Pi, allowing passwordless login using the SSH key.

3.Disable Password-Based SSH Authentication

To ensure only SSH keys can be used to log in:
Open the SSH configuration file on your Raspberry Pi:
sudo nano /etc/ssh/sshd_config
Look for the line: #
PasswordAuthentication yes
Change it to:
PasswordAuthentication no

Save the file and exit, then restart SSH to apply changes:
sudo systemctl restart ssh

4.Test the SSH Key Authentication

Try logging in to your Raspberry Pi from your local machine:
ssh pi@your_pi_ip_address

If set up correctly, it will use the SSH key to authenticate without asking for a password.

In Conclusion

Managing the Raspberry Pi’s password effectively is essential to secure your device and data. By setting a custom password during the initial setup, regularly updating it, and employing SSH keys, you can protect against unauthorized access. Following these best practices helps maintain a secure environment, whether for personal projects or educational use. Implementing these security measures will ensure your Raspberry Pi remains a safe and reliable tool in your tech endeavors.