Access points must not use the factory-set
OWASP-ASVS v4.0.1 V2.5 Credential Recovery Requirements.(2.5.4) Verify shared or default accounts are not present (e.g., "root", "admin", or "sa").
OWASP-ASVS v4.0.1 V2.10 Service Authentication Requirements.(2.10.2) Verify that if passwords are required, the credentials are not a default account.
OWASP-ASVS v4.0.1 V14.2 Dependency.(14.2.2) Verify that all unneeded features, documentation, samples, configurations are removed, such as sample applications, platform documentation, and default or example users.
PCI DSS v3.2.1 - Requirement 2.1.1 For wireless environments connected to the cardholder data environment or transmitting cardholder data, change ALL wireless vendor defaults at installation, including but not limited to default wireless encryption keys, passwords, and SNMP community strings.