Raspberry Pi β Change Default Login (2025 Security Best Practice Guide)
Introduction β Why Change the Default Login?
The default Raspberry Pi username pi and password raspberry are publicly knownβand leaving them unchanged is one of the most common security risks. Changing these credentials immediately helps protect your Pi from brute force attacks, especially when connected to a network or internet.
In this guide, youβll learn:
- How to change the default password securely
- How to create a new user and remove the
piuser - How to update autologin for GUI and headless setups
- Real-world scenarios where user hardening matters
Step 1: Change the Default Password
Change password for current user:
passwd
If you’re logged in as pi, this will prompt for a new password.
Step 2: Create a New User with Sudo Access
Add new user:
sudo adduser myuser
Follow the prompts to set a secure password and user info.
Add user to sudo group:
sudo usermod -aG sudo myuser
Step 3: Switch to the New User
Log out and log back in as:
myuser
Or switch session:
su - myuser
Ensure everything works (Wi-Fi, sudo, file access) before deleting pi.
Step 4: Disable or Remove the pi User
Disable pi:
sudo passwd -l pi
This locks the account but retains files and config.
Or delete pi:
sudo deluser pi
sudo rm -rf /home/pi
Only delete pi if your new user is working correctly and has sudo access.
Step 5: Update Autologin for Desktop (GUI Users Only)
If Raspberry Pi is set to autologin as pi, youβll need to update the systemd service.
Edit autologin config:
sudo nano /etc/lightdm/lightdm.conf
Find and update:
autologin-user=myuser
Save and reboot:
sudo reboot
GUI will now autologin as the new user.
Bonus: Update File Permissions
If you’ve migrated files from pi:
Transfer files and update ownership:
sudo cp -r /home/pi/* /home/myuser/
sudo chown -R myuser:myuser /home/myuser
Why Default Login Changes Matter
| Risk | Without Change |
|---|---|
| SSH brute force attacks | Username + password widely known |
| Scripted IoT hijacking | Bots target pi@raspberrypi |
| Public Wi-Fi vulnerabilities | Passwords guessed in seconds |
| Misuse on shared networks | Anyone with access = root risk |
Summary β Recap & Next Steps
Changing the default pi login credentials is one of the simplest and most powerful ways to improve Raspberry Pi security. Whether you create a new user or harden pi, your system becomes far less vulnerable to common exploits.
Key takeaways:
- Use
passwdto change password oradduserto create a secure new user - Add new user to
sudoand test it before removingpi - Update GUI autologin and transfer files if needed
- Disable or delete
pionly after full testing
Real-world relevance: Critical for Pi used as servers, IoT devices, or remote nodes where unattended access is enabled.
FAQs β Changing Raspberry Pi Default Login
Is it safe to delete the pi user?
Yes, as long as your new user has full access and sudo rights. Always test thoroughly first.
What happens if I forget the new userβs password?
You can reset it by booting into recovery mode or using a keyboard + monitor to access single-user mode.
Will my software or scripts break if I delete pi?
Possiblyβscripts referencing /home/pi may fail. Update paths or keep pi disabled but not deleted.
How do I check who has sudo access?
getent group sudo
This lists all users in the sudo group.
Can I rename the pi user instead?
Not recommended. Better to create a new user, migrate, and then remove pi.
Share Now :
