Default configurations in software are not always the most secure. For example, you might buy a network-attached home security camera from your friendly neighborhood electronics store. While these are handy to keep an eye on your property from the comfort of your phone, they also typically come shipped with a default username and password. And since they are connected to the web, they can be accessed from anywhere. Attackers know this, and Internet of Things (IoT) devices like this are common targets for malware that hijack devices using default passwords, making them part of huge DDoS botnets like Mirai.