Default password
As mentioned already, yes change the password. Make it pretty long say 30 chars. If it is long I see no problem with using mostly ordinary words but not a well known phrase, with some twiddly bits. Unless of course you are expecting GCHQ in which case you should us a random password generator - or turn off the radio entirely.
The problem with the default password is that I understand that some ISPs have in the past used a complicated looking string derived from the default SSID or MAC address, both of which are accessible externally. The algorithm has subsequently become public.
I used something like this for a while years ago.
itwasAlongandbOvril!{road}297tohellitwasAlongandbOvril!