Station security changes were made in the AX-3.8 development cycle that affect the standard “demo” station typically installed with NiagaraAX Workbench (as well as the “demoAppliance” station). For the most part these stations remain unchanged from previous releases, meaning that the various default users, including the “admin” user, still have a default “blank” (empty) password.
Such users include the “adminWbBasic” user, “adminHxDefault” user, and so on—all of which are “super users”. These users exist to demonstrate different “Web Profiles” when accessing the station via a browser. Obviously, this combination of “well known” super users, each with a default blank password, is not a good security practice to maintain.
For proper security in a production system, the usage of “super users” in a station should be minimized, as explained in various NiagaraAX documents, including the NiagaraAX Hardening Guide.
Note that logging in to the demo station as any of these users, either from Workbench or a browser, now prompts you to reset the password. This happens because the AX-3.8 demo station now has all station users configured for password reset. Once a new password is entered, that super user has full access to the station—just as the “admin” user has.
Therefore, to prevent any “unauthorized access” of a demo station, it is strongly recommended that, after first accessing the station as the admin user, you do one of the following:
Change the password for each “well-known” default user (adminWbBasic, adminFrames, etc.). You can do this by double-clicking each user in the station’s User Manager view, for the Edit dialog.
Typically, you specify the same strong password that you previously entered for the admin user.
For each user, you also need to set the “Force Password Reset” entry from true to false.
Otherwise upon the first login as that user, the Reset Password dialog would reappear.
Make sure to Save the changes to each of these users.
Disable any of these “well-known” default users, which you can also do by double-clicking each user in the station’s User Manager view. Then set the user’s Enabled property to false, and .
Starting in AX-3.7, you can disable the user admin—where previously you could not. However, before doing this, be sure you have at least one working “super user” in the station.
Be sure to changes to the station after making user adjustments—right-click the Station node in the Nav tree and select .
For more details about station security in NiagaraAX, see “About Security” in the NiagaraAX User Guide.
Copyright © 2000-2013 Tridium Inc. All rights reserved.