mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
//192.168.0.68/bak /data/bak cifs username=root,password=xxx,sec=ntlmssp,rw 0 0
"sec" is the security mode and determines how passwords are encrypted between server and client ( even if you don't require passwords ).
ntlm used to be the default which is why you never had to specify it discretely. Things have moved on however so the default is now ntlmssp. If you are accessing something which doesn't speak ntlmssp you have to override the new default with the old one.
Most NAS devices use older technology so they often require ntlm. If you access an OSX samba share however it requires ntlmssp so before you had to specify that in the mount options but now you don't.
There are winners and losers with every change.
If you run the following command you will see the whole range of sec modes available:
1 <span class="hljs-selector-tag">man</span> <span class="hljs-selector-tag">mount</span><span class="hljs-selector-class">.cifs</span>