diff --git a/scripts/http-default-accounts.nse b/scripts/http-default-accounts.nse
index 68ed547e7..07108c79f 100644
--- a/scripts/http-default-accounts.nse
+++ b/scripts/http-default-accounts.nse
@@ -57,11 +57,13 @@ This script was based on http-enum.
 -- Revision History
 -- 2013-08-13 nnposter
 --   * added support for target_check()
+-- 2014-04-27
+--   * changed category from safe to intrusive
 ---
 
 author = "Paulino Calderon <calderon@websec.mx>"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"discovery", "auth", "safe"}
+categories = {"discovery", "auth", "intrusive"}
 
 portrule = shortport.http
 
diff --git a/scripts/script.db b/scripts/script.db
index a5b8e5459..69b955f8e 100644
--- a/scripts/script.db
+++ b/scripts/script.db
@@ -149,7 +149,7 @@ Entry { filename = "http-config-backup.nse", categories = { "auth", "intrusive",
 Entry { filename = "http-cors.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "http-csrf.nse", categories = { "exploit", "intrusive", "vuln", } }
 Entry { filename = "http-date.nse", categories = { "discovery", "safe", } }
-Entry { filename = "http-default-accounts.nse", categories = { "auth", "discovery", "safe", } }
+Entry { filename = "http-default-accounts.nse", categories = { "auth", "discovery", "intrusive", } }
 Entry { filename = "http-devframework.nse", categories = { "discovery", "intrusive", } }
 Entry { filename = "http-dlink-backdoor.nse", categories = { "exploit", "vuln", } }
 Entry { filename = "http-dombased-xss.nse", categories = { "exploit", "intrusive", "vuln", } }