KUDOS This procedure is great! I just used it with immediate success!
My Firmware version (white light)
~ # cat /etc/version
ONE CATCH: The web interface will not let you change the pass after doing this procedure.
You can login with the admin/admin, however when you try to change the pass using the
web interface and you supply admin for the "old password" the interface will report an error
and say that you've entered an invalid "old password", even though 'admin'/'admin' is what
you are currently logged in with.
THE FIX: You can either leave the 'admin' password as 'admin' (NOT RECOMMENDED, DUH!)
or you can follow the below steps to change it to whatever you would like.
Step1: Make a new dummy account.
Use the User page in the web interface to create a new user account with administrative privilege.
It matters not what you name the account, as you will delete it later anyway. Set the password
on that account to be what you want the admin password to be. (Maybe you can see where this
is going) Logout. Log back in with your new admin account. Verify the password has been entered
correctly as you want it. Logout.
Step2: SSH to the NAS and copy the hash.
Feel free to back up /proto/SxM_webui/share/config/.htusers.php before editing it. (I don't, but I'm
a fool.) Use your text editor (probably vi) to go back into the /proto/SxM_webui/share/config/.htusers.php
file. You should now see your new dummy user has his own entry, and most importantly the hash we
need. Replace the hash portion of the string for the admin entry ('21232f297a57a5a743894a0e4a801fc3')
with the hash from the new dummy account line. I wouldn't get overzealous and delete the new dummy
account from here. It might be safe but then again, it's best to look both ways before crossing the street.
VI USERS: Be sure you :wq and not :q!
I'm not sure why it's important but since the above procedure has you do it go ahead and #passwd admin
from the command line and enter the new pasword you've just set.
Step4: Remove the dummy account.
Go ahead and login to the web interface with your new admin account password. Then, go ahead and remove the
dummy account, or don't.
NOTE: I suspect, and may someday test (if I do I'll update this) that one ought to be able to completely
remove the admin line from the .htusers.php file and leave a new non default named account in it's place.
I would caution you that the admin account may be used to run some services and therefore may be necessary.
I hope that this helps someone! This forum has been so helpful and I'm glad I can give something back!