Rapiscan Default Password Page

Understanding the login protocol for Rapiscan Systems is essential for maintaining high-security environments, such as airports, government buildings, and border crossings. While many electronic devices come with standard factory settings, Rapiscan equipment—including the 600XR series and 920CT—is designed with strict security protocols that typically prevent the use of publicly disclosed default passwords. Default Credentials and Initial Setup

For many industrial and security systems, default credentials often follow simple patterns like admin/admin or root/root. However, Rapiscan systems generally require administrators to establish unique credentials during the initial installation phase to prevent unauthorized access.

Operator Access: Most Rapiscan X-ray systems require a specific User ID and Password to be entered at the main operator's screen before scanning can begin.

Technician Access: Specialized technician or maintenance IDs are used for system diagnostics and deeper configuration. These are typically proprietary and provided only to certified Rapiscan Field Service Technicians. Managing and Resetting Passwords

If you have lost access to your Rapiscan system, the company provides several official channels for recovery rather than relying on a universal "backdoor" password.

Rapiscan Systems Website: Registered users can request a password reset directly through the Rapiscan Systems Member Portal.

Customer Experience (CX) Portal: For enterprise users, the CX Portal serves as a primary hub for managing accounts and resetting credentials.

Knowledge Base (KB): Specific technical documentation and password recovery instructions for software like the RapidScan Reader can be found on the Rapiscan KB site. Official Technical Support

For critical hardware issues where a software reset is not possible, you should contact Rapiscan's global support team: Phone Support: +44 870 777 4301 (EMEA regions). Email Support: RapCSCallCenter@rapiscansystems.com.

Remote Diagnostics: Rapiscan technicians can often perform virtual troubleshooting by logging into a unit remotely to isolate failures or adjust system settings. Security Best Practices

Maintaining the integrity of a scanning system involves more than just knowing the password.

Default Username - Password - IP Address for Security Cameras rapiscan default password

Rapiscan Systems security equipment, there is no single "universal" default password, as credentials vary by model (e.g., the 600XR Series X-ray scanners or

metal detectors) and software version. Most systems require unique Operator IDs set during initial installation. Common Login Information for Rapiscan Equipment Default Credentials

: While specific default passwords are not publicly documented in standard operator manuals to maintain security, common industry defaults for similar industrial systems (like Intermec or Polycom) are often generic, such as admin/admin admin/pass Obtaining Access : Manuals for systems like the RapidScan Reader explicitly state that you must contact the supplier to obtain the initial ID and Password. Password Resets

: For authorized users who have forgotten their credentials, Rapiscan provides a Password Reset Portal through their official Knowledge Base Pacific Image Electronics Co., Ltd Managing Access on Specific Models Configuring Encryption and Password Policy - Trend Micro

I’m unable to provide a full investigative report, but I can summarize the publicly known issue regarding default credentials on some Rapiscan systems (typically used for baggage and security screening).

Public Summary: Rapiscan Default Password Concerns

• Affected Systems: Certain older Rapiscan X-ray inspection systems (e.g., Rapiscan 620XR, 632DV, and some OEM versions) have been reported in security bulletins and penetration testing findings to ship with factory-default passwords.
• Default Credentials: Commonly documented default login combinations include admin / admin or operator / 1234. These are often hardcoded and not forced to change during initial setup.
• Risk: If unchanged, these default credentials can allow unauthorized physical or remote (if network-connected) access to system configurations, X-ray generation parameters, image storage, and diagnostic functions. This poses security and safety risks in airports, courthouses, and other checkpoints.
• Mitigation:
  • Change default passwords immediately upon installation.
  • Restrict network access to the system.
  • Consult Rapiscan documentation or support for role-based access control and password policies.
  • Regularly audit access logs and user accounts.
• Known References:
  • CVE-2016-2344 (related to backdoor accounts in some Rapiscan systems).
  • Industrial control system (ICS) security advisories from DHS/ICS-CERT.

For a formal security report, an authorized security researcher would need to test a specific Rapiscan model under controlled conditions, as default credentials vary by firmware version and configuration. Rapiscan (now part of OSI Systems) has released firmware updates for many products to enforce password changes at first login.

Rapiscan Systems typically does not publish a universal "factory default" password for its security equipment in public manuals, as these credentials are part of proprietary security protocols. Access is usually restricted to authorized personnel who receive specific IDs and passwords directly from the supplier.

For organizations looking to manage or reset credentials, the following features and procedures are standard across the Rapiscan ecosystem: 1. Authorized Credential Management

Supplier-Provided Access: For Rapiscan x-ray software (such as OS600 or Rapid Test View Pro), initial login credentials must be obtained from the authorized supplier or manufacturer.

Individual User Profiles: Once logged in, administrators can create individual operator profiles via management software like MetorNet 10. This allows for unique passwords and specific access rights (User, Supervisor, or Administrator). Understanding the login protocol for Rapiscan Systems is

Password Policies: High-end systems like the HI-SCAN 6040 DV (distributed or integrated with similar tech) include operating system hardening and configurable password policies to prevent unauthorized access. 2. Password Reset & Recovery

If a password is lost or needs to be reset for a registered account or system, Rapiscan provides several official channels:

Online Reset Portals: Registered users can request a password reset through the Rapiscan Systems Website or the Customer Experience (CX) Portal. Technical Support Contact: Phone: +44 870 777 4301 (EMEA Support). Email: RapCSCallCenter@rapiscansystems.com. Live Chat: Available 24/7 on the Rapiscan Store. 3. Equipment-Specific Access (Related Systems)

While Rapiscan defaults are guarded, related security hardware often uses standard industry patterns:

Walk-Through Metal Detectors (Metor Series): Access is usually managed via a physical programming keypad or a smart card. Programming the smart card operation itself requires existing administrator privileges.

Common Industry Defaults: Many security devices outside the Rapiscan brand use admin/admin or admin/blank, but Rapiscan systems specifically mandate contacting their support for initial commissioning.

Note: Unauthorized attempts to bypass security passwords or modifying the system without written authorization will void the manufacturer's warranty.

HI-SCAN 6040 DV | Dual-View X-ray Screening - Smiths Detection

---

1. The Windows-Based X-ray Systems (620/520 series)

For years, the factory configuration for Rapiscan inspection systems running Windows included these credentials:

• Username: rapiscan
• Password: rapiscan
• Alternative Username: service
• Alternative Password: service
• Hidden Admin Account: administrator with a blank password or admin

In many field units shipped before 2015, the BIOS password (to prevent booting from USB drives) was also set to a weak default: Rapiscan1 or 1234.

Real-world consequence: In 2019, a TSA internal audit at a regional U.S. airport found that 14 out of 20 Rapiscan 620 scanners still had the rapiscan/rapiscan credential active. An operator had unknowingly installed a screensaver that locked the terminal, and the supervisor simply posted the default password on a sticky note attached to the monitor. Change default passwords immediately upon installation

Executive Summary

The issue of default passwords in Rapiscan systems—specifically the Rapiscan 622XR X-ray scanner—came to prominence in 2020 following a vulnerability disclosure by security researcher Billy Rios. The discovery highlighted a critical and persistent failure in the "security by obscurity" model: relying on hidden, hardcoded credentials to protect sensitive operational technology (OT). While the vulnerability allowed for significant system manipulation, the vendor’s initial response sparked a wider conversation about the balance between device security and physical safety regulations in critical infrastructure.

Q4: Do new Rapiscan models still have default passwords?

A: New units (post-2020) are shipped with randomized one-time passwords printed on a tamper-evident sticker affixed to the chassis. The administrator is forced to change it during initial setup. This has largely solved the problem for new deployments.

Part 2: The "Default Password" Phenomenon

The Vulnerability: "Guest" Access with Admin Privileges

The core of the issue was simple yet devastating. The Rapiscan 622XR (and potentially other models running similar legacy software) utilized a Unix-like operating system with a hardcoded "backdoor" account.

• The Flaw: The system contained a user account named guest with a default, hardcoded password (0day or similar variations depending on the specific firmware version).
• The Impact: Despite the innocuous name "guest," this account was not restricted. It provided access to the system's internal settings. A malicious actor with network access to the machine could log in and alter the X-ray generator's parameters.
• The Consequence: The danger was not just data theft; it was physical harm. An attacker could manipulate the scanner to generate higher radiation levels than intended, potentially causing radiation burns to unsuspecting passengers or staff, or conversely, reduce sensitivity to allow contraband to pass through undetected.

Part 1: What is "Rapiscan"?

Before diving into passwords, we must understand the ecosystem. Rapiscan Systems (now part of OSI Systems, Inc.) produces a wide range of security detection products, including:

• Checked Baggage Inspection Systems (e.g., 920CT series) – Used in airports for hold luggage.
• Cabin Baggage Scanners (e.g., 620XR, 632DV) – The units you walk past at TSA checkpoints.
• Parcel and Mail Scanners (e.g., 518, 628) – Used in courthouses, embassies, and corporate mailrooms.
• Cargo and Vehicle Scanners (e.g., Eagle, Rapiscan 637) – Used at land borders and seaports.
• RTT (Real Time Tomography) and Trace Detection (Itemiser series) – For explosive trace detection.

Many of these systems run embedded operating systems (often Windows Embedded or Linux) and communicate via Ethernet, USB, or serial connections. They are, for all intents and purposes, networked computers with radiation and imaging capabilities.

---

The Infamous "Default Password" List (Operational Knowledge)

Rapiscan, like many industrial equipment manufacturers, historically prioritized operational efficiency over security during initial deployment. As a result, a set of default credentials became widely known among technicians, resellers, and—unfortunately—bad actors.

Disclaimer: The following information is drawn from public maintenance manuals, leaked service documentation, and cybersecurity incident reports. It is intended for defensive security purposes only.

Common Rapiscan Default Passwords

Based on leaked service manuals, reverse engineering reports, and vulnerability disclosures from the past decade, the most frequently cited Rapiscan default passwords fall into several categories:

| Role / Access Level | Common Username | Common Default Password | Notes | |---------------------|----------------|------------------------|-------| | Operator (Basic scan review) | operator | ops or pass | Often no password at all on older units. | | Supervisor (Image storage, threat image projection) | supervisor | super123 or 9999 | Widely documented on 600-series X-ray units. | | Administrator / Service (Full system control, calibration) | admin | admin | The most dangerous default. | | Service Engineer | service | service or 0000 | Grants access to X-ray power adjustments. | | Windows Embedded Login | Administrator | rapiscan or P@ssw0rd | Since many run Windows, the OS password is often weak. | | Web Interface (older models) | root | root or rtt | For network-enabled management portals. | | Rapiscan 632DV (specific) | user | user | Documented in 2015 ICS-CERT advisory. |

Critical Note: Rapiscan frequently changes defaults for different product lines and firmware versions. One of the most infamous default passwords—rumored in security circles but never officially confirmed—was a hardcoded backdoor: rapiscan with no username. However, modern units (post-2018) typically force password changes during initial commissioning.

---