Cybercriminals maintain massive databases of default credentials. When a new string like toor4nsn appears in the wild, it is rapidly incorporated into botnet scanning scripts. A system that still accepts toor4nsn will likely be compromised within minutes of being connected to the internet.
If you found toor4nsn in your environment, treat it as a critical vulnerability. Change it, lock the account, and audit for signs of compromise. And if you are a developer or system builder, never—under any circumstances—ship a product with a default password like toor4nsn . The convenience is fleeting; the exposure is permanent. toor4nsn password
For any administrative access, switch from password-based logins to SSH key pairs. This renders static passwords (including changed ones) much less critical. lock the account
PermitRootLogin no