It’s a really great system and is great to work on as far as administration of the system. I’ve found a good amount of valuable tech support using the ShoreTel support on their site, but I’ve found some equally beneficial help on shoretelforums.com. I value the help that I find on both websites. However, I recently became frustrated when searching for the default username and password for a ShoreTel switch.

I had to telnet into this particular switch to check on most likely add some ip routes. I’d done it before but did not document the login credentials I had used previously. So, I went to the place that I had found it before: shoretelforums.com. I searched for “telnet” and the first result was a post that had a link to the ShoreTel.com support document with the credentials… only this time the link was broken.

After racking my brains for a few minutes, I remembered the password and my colleague recalled the username. I thought is was sort of strange that no one on the forums site had simply posted the credentials. So, I did just that… only to find that my post had been edited and the credentials removed. Here’s what it said:

{edit: this site is open to the public, and for security reasons, I’d rather not have this password openly available. Feel free to PM it to somebody, but not post it openly. Thanks, and hopefully no hard feelings }

Sorry, but I think that’s just plain lame. No, there’s no hard feelings… but I don’t understand the logic in keeping this sort of information ‘secret’ from the public.

I help maintain a network infrastructure with Cisco and HP core switches that I believe are much higher on the importance chain than a VoIP switch. I can go to the manufactures sites for either of these and easily find the default credentials for any of their products. What makes it so important to keep this information ‘secure’ from the public.

Well, since I can’t post the credentials on the shoretelforums.com site, I’m going to post them right here on my site!

**edit**
There is a good reason that the credentials are kept from public view. If you are not familiar with working within the VxWorks CLI, then you should be cautious when using it… perhaps not even take the risk, and just contact your support vendor. Be aware that you may cause irreparable damage to the device. If you’re unsure, you should contact your ShoreTel support vendor.

Default ShoreTel VxWorks login credentials:
Username: anonymous
Password: ShoreTel

Don’t forget to enable telnet to that device before wasting your time trying to log in:
for a phone: phonectl.exe -telneton TARGET_IP_ADDRESS
for a switch: ipbxctl -telneton TARGET_IP_ADDRESS

Now, we’ll just have the interweb search monkeys go an do their voodoo… and before you know it, when you google “shoretel telnet login” or “vxworks credentials”… let’s just see if this post gets a better ranking than the forums.

When it comes down to it, if this post helps just one poor soul quicker than going through the forums or the ShoreTel site, then I’ll be happy.