Ars Technica

“pi” no more: Raspberry Pi OS ditches longtime user account for security reasons

Since its launch, the Raspberry Pi OS (and most operating systems based on it) has shipped with a default “pi” user account, making it simpler to boot up a Pi and start working without needing to hook ...
Bleeping Computer

Raspberry Pi removes default user to hinder brute-force attacks

An update to Raspberry Pi OS Bullseye has removed the default 'pi' user to make it harder for attackers to find and compromise Internet-exposed Raspberry Pi devices using default credentials. Starting ...