the default login of root will always be valid, but the blank password will not. Once someone logs into a box that is at factory default they must assign a password to the root user prior to issuing a commit (IE- making ANY configuration changes effective).
If you don't know the password it is pretty easy to recover it from the command line but it requires a reboot into single user mode so there would be downtime.