# Automatically Generate Random Passwords for Phones

Leaving phones on their factory default passwords is a security risk, and updating each one by hand does not scale. Cloud Voice can create a unique, complex password for the three built-in login accounts on each auto-provisioned phone (admin, user, and var), so every device is secured without any manual effort on your part. This page walks through turning the feature on.

:::note
These accounts are the logins for a phone's own web interface: **admin** has full access, **user** has limited access, and **var** is the account used during provisioning. "Auto provisioning" means the PBX (Private Branch Exchange, the phone system that routes your calls) pushes settings to each phone automatically instead of you configuring the handset by hand.
:::

## Before you begin

Your PBX must be running firmware **84.18.0.101** or later.

## Turn on random password generation

:::tip
Turn this on before you provision your phones. It is the recommended setting because it removes shared default passwords, which are one of the most common ways an attacker gains access to a phone.
:::

1. Sign in to the PBX web portal and open **Auto Provisioning > Phones**.
2. Above the phone list, click **Options**.

   ![The Options button above the auto-provisioning phone list](/images/pbx/option-random-password.png)

3. In the dialog that appears, tick **Generate a random phone password**, then click **Save**.

   ![The Options dialog with the random password checkbox selected](/images/pbx/enable-generate-random-password.png)

## What happens next

From now on, each time you add a phone, Cloud Voice fills in randomly generated password(s) for it automatically.

:::caution
This setting applies only to phones you add after enabling it. Phones that were already provisioned keep their current passwords, so it will not update devices you set up earlier.
:::

:::note
To set your own value instead of the generated one, click the back arrow (![Back arrow icon](/images/pbx/wizard-previous.png)) and type a new password in the relevant fields.

![Editing the generated password fields when adding a phone](/images/pbx/change-random-password.png)
:::
