I think I found something does not work properly in making the configuration backup file of the MikroTik device (RB951G-2HnD) with the default password (user password).

During preparing materials for teaching my MTCNA course, I have made a configuration backup file of the MikroTik device (RB951G-2HnD) with the default password (user password e.g. 12345). After that I have reset the device with no default configuration and then restored the configuration backup file to the device with no any password provided.

What I expected was an error message like I have ever done before (with other MikroTik devices). However, no any error message was displayed and the configuration backup file was able to be restored without password or with incorrect password provided.

Note that the routerOS of the MikroTik devices have the stable version (6.43.4).

Later on, I have downgraded the routerOS to the long-term version (6.42.10). I did the same process as above. It worked correctly. That is, the configuration backup file was able to be restored only if the correct password (user password) was provided. Otherwise a popup message with the sentence "bad password" was display.

Just inform what I found. Any idea, please let me know

Could be this.

What's new in 6.43 (2018-Sep-06 12:44):

MAJOR CHANGES IN v6.43:
----------------------
!) backup - do not encrypt backup file unless password is provided;

@Kindis Thank for your post.
=============================================
What's new in 6.43 (2018-Sep-06 12:44):

MAJOR CHANGES IN v6.43:
----------------------
!) backup - do not encrypt backup file unless password is provided; "
=============================================
It means this will be in the next version too.???? Note that the procedure according to the wiki below works like the previous version.

Just wonder because I will have to give the right procedure to my students in the upcoming MTCNA class.

https://wiki.mikrotik.com/wiki/Manual:C ... Management
=============================================
Encryption
Since RouterOS v6.13 the backup file is encrypted by default, if the current RouterOS user has a password configured, or if the "password" parameter is used. If your RouterOS user doesn't have a password set (for example admin and no password) then backup file is not encrypted, to enable encryption in this case, use the "password" parameter.
=============================================

In newer version password is no longer stored as plain-text so it can not be used to encrypt backup file without user explicitly providing password.

@eider Thank you for your post.
"In newer version password is no longer stored as plain-text so it can not be used to encrypt backup file without user explicitly providing password."

In the newer version,
Does it mean that the user password of RouterOS is not used by default for the encryption of a configuration backup file anymore if the password of the configuration backup file is not explicitly provided.???

Thank you in advance.

@eider Thank you for your post.
"In newer version password is no longer stored as plain-text so it can not be used to encrypt backup file without user explicitly providing password."

In the newer version,
Does it mean that the user password of RouterOS is not used by default for the encryption of a configuration backup file anymore if the password of the configuration backup file is not explicitly provided.???

Thank you in advance.

Yes, Since the change to ROS to make password more secure they are now encrypted within ROS. For this reason ROS does not know the password and cannot use it.

@Kindis Thank you for your clarification.