Secure Initial User Accounts & Updating the System

Conveniently, the Raspberry Pi creates a default user when Raspbian is first installed. The default username is pi and the password is raspberry. While this makes it easy for new users to get started with the Pi, the device is now vulnerable once it is exposed to the public internet. Below are steps to fix this vulnerability and secure the Pi on its first boot.

Startup the Pi

Of course.

Login using default username and password

Username: pi
Password: raspberry

Create a new user and grant superuser privileges

$ sudo adduser <username>

Grant superuser privileges to the new user.

This will allow the new user to use the sudo command
$ sudo adduser <username> sudo

Alternatively, you can use this command if the above does not work:

$ sudo usermod -a -G sudo <username>

Logout of the default account and login with the new username

$ exit

You will be returned to the login screen where you can login as the new user.

Delete the default user

$ sudo deluser -remove-home pi

Update the system

$ sudo apt-get update
$ sudo apt-get upgrade