NOTE: The article below applies only to Raspian distributions published before April 2022. At that point, the default “pi” user was dropped, for sound security reasons. Subsequent releases include an alternative, and more secure, process for creating a user of your choice (detailed at the above link).
The rest of this article remains online for historical reasons only, and should no longer be used. (author, 6/7/24).
Historical Article
The Raspberry Pi comes with a default user called “pi”, whose initial password is also set to a well known default. While this makes it easy to use the system, it is not very secure. Anyone with physical access to your Pi could login with these widely known credentials. Furthermore, if you have enabled the SSH server, users on the local network could do the same.
Even if you have changed the “pi” user password, just having a user name that is universally known is still a security risk. The following article explains how to safely rename the “pi” user to something more secure. This article was last updated on 31st May 2020 and tested with Raspbian (Raspios) Buster release 27/5/2020. Continue reading