

The good Chinese brands, if they do have a hard-coded password, usually make you change it on first login. I’m pretty sure newer Hikvision and Dahua models do this (plus their resellers/rebrands like Amcrest, Lorex, Annke, etc). You need to pay more than the garbage brands, but they’re worth it.
Of course, there’s all sorts of junk on Amazon that don’t follow any sort of standards.
It’s usually fine if you stick to a good well-known brand, but there’s some cheaper cameras that are bootleg clones of other brands, that can’t run the latest upstream firmware so they’re stuck on a hacked/modified version of older firmware.