A major vendor of payment terminals has been shipping devices for over two decades with the same default password. The vendor wasn’t named by the researchers, but they did disclose the password: 166816. The password remains in use on nine out of 10 terminals they see from the vendor, in part because customers mistakenly assume it is unique to them. The company said it strongly encourages customers to change the password and that new products come with a “pre-expired” password, which requires users to change it.”]