Configure the firewall or the service settings to only allow connections to management ports from specific, trusted IP addresses. 3. Use Strong Passwords and Remove 'Admin'

Attackers can download the user.dat file, extract plain-text credentials, and gain full administrative control.

/ip firewall filter print /ip firewall nat print