yep. the password is just stored in a special memory page that doesn’t allow reads… but yes if AUTH0 is set to E6-FF you can just issue that command to set the password. If AUTH0 includes E5 then you will need to issue an auth command first, then you can write to page E5
The current batch of NExT does have a password set, but we decided to leave the xSIID password set to factory default FF FF FF FF. We did set AUTH0 to enable protections, just to ensure there was an extra step at least to alter those bytes… but it was a gamble… so many badly written NFC apps will gladly issue the PWDAUTH command with factory default just as a check mechanism, and in doing so, may possibly impact the AUTHLIM counter (if it’s enabled) which is a terrible disservice as an app to take a potentially destructive action without even informing the user… but then once PWDAUTH is issued, it can freely overwrite config bytes by accident… if it’s badly written… so you see it’s a bit of a risk for our users to not set a password on the xSIID…
I think though that once we have our own app (@hoker), we will program the next batch to have a non-factory but defacto default password… maybe we will make all DT product passwords DNGR from the factory… dunno yet.