[geekmaster]

You web page for calculating kindle root passwords shows mario for 4.0, and fionaXXXX (4 hex digits) for 4.0.1.

I have two K4 devices. The first one came with 4.0 and used a fionaXXX (3 hex digits) password. The second one came with 4.0.1 and used mario for the root password.

My experience is the opposite of what your web page indicates.

Also, passwords are only 8 characters (fionaXXX). On the K3 and earlier, extra characters would fail password authentication. K4 and Touch also use 8 characters (fionaXXX) just like the K3, but extra characters are ignored.

So there is no such thing as a "fionaXXXX" password. All known kindles use framework:mario, and either root:mario or root:fionaXXX (3 hex digits), and the mario root password does not depend on the firmware version (as shipped, or after a firmware update).

Part of what caused this confusion was that the Sir Alex Kindle Diagnostic Tool (KDT) reports fionaXXXX (4 hex digits). I suspect that in some cases (such as serial port login), the K3 and earlier also ignore extra hex digits on the password, so the extra hex digit did not cause serial port logins to fail like they do on SSH logins. The extra hex digit confusion may be why the K3 SSH hack skips login authentication.

UPDATE: This only applies to original default passwords, which use 8-character DES encryption. Any passwords changed with the "passwd" command use MD5 encryption that hashes all the password characters.