I much prefer the defect where the root password was the empty string [1].

https://security.it.miami.edu/stay-safe/sec-articles/macosx-...

[1] Actually, the defect was that creating a root account was a unprivileged action, so anybody could create a root account on your machine with a password of their choice. The most obvious presentation is that you could login to root by pressing enter twice with the empty password; the first time creating root with the empty password and the second time logging you in.