Default passwords (or other default credentials) can function as backdoors if they are not changed by the user.
In 1993 the United States government attempted to deploy an encryption system, the Clipper chip, with an explicit backdoor for law enforcement and national security access.
The chip was unsuccessful internationally and in business.
For example, if a photomask obtained from a photomask supplier differs in a few gates from its photomask specification, a chip manufacturer would be hard-pressed to detect this if otherwise functionally silent; a covert rootkit running in the photomask etching equipment could enact this discrepancy unbeknown to the photomask manufacturer, either, and by such means, one backdoor potentially leads to another.
(This hypothetical scenario is essentially a silicon version of the undetectable compiler backdoor, discussed below.) In general terms, the long dependency-chains in the modern, highly specialized technological economy and innumerable human-elements process control-points make it difficult to conclusively pinpoint responsibility at such time as a covert backdoor becomes unveiled.
A backdoor may take the form of a hidden part of a program one uses, Although normally surreptitiously installed, in some cases backdoors are deliberate and widely known.