This has been discussed before.
There is no password protection on the empeg because any system implemented can be overridden simply by applying a software upgrade and/or formatting the drives.
The only proper secure password protection would be built into the hardware (which it isn't) and even if it were, it would be a pain in the ass to administer, would be a pain in the ass to legitimate users, and would require a support team at SonicBlue to answer phone calls from legitimate users who forgot their password.