I mean, if you're in my LAN you almost certainly got there via my desktop, so you can just keylog my desktop or grab my private keys. So, again, who cares? Not having a default password adds zero security to my RPi.
Is a significant fraction of RPis really deployed to the public internet with default passwords?
