It's not just hard-coded. That would be dangerous.

We have a backup of it on a post-it attached to the big monitor in the ops center.

I recall many moons ago needing to migrate monitoring software to a new environment, and the original admins were no longer with the company. We didn't have the SQL password, so we couldn't make any changes. After a while in with tech support, we got transferred to someone else. That person let us know where in the file structure the plaintext doc containing the password lived.

I wish I was joking.

Alternative name for the one labeled migrain: the zuko

Fifth type: 2FA for trivial shit you don't care about that you can't opt out of.

If it's hardcoded then I don't know about it, it's not real and it can't hurt me.