Bleeping Computer

Raspberry Pi removes default user to hinder brute-force attacks

An update to Raspberry Pi OS Bullseye has removed the default 'pi' user to make it harder for attackers to find and compromise Internet-exposed Raspberry Pi devices using default credentials. Starting ...
Computer Weekly

Raspberry Pi Foundation ditches default username policy

The Raspberry Pi Foundation, the organisation behind the wildly popular eponymous computing platform, is rolling out a small but impactful security policy update, eliminating default usernames to cut ...
Ars Technica

Raspberry Pi OS axes longstanding default user account in the name of security

This doesn't make a whole lot of sense. Just having a user account named "pi" is not a security vulnerability. Its making it accessible remotely with a plaintext password that is the security ...