Requirement 2

Requirement 2:  Do not use vendor-supplied defaults for system passwords and other security parameters