| |||||||||||||
Default passwordsDefault passwordsPosted Sep 30, 2010 10:06 UTC (Thu) by epa (subscriber, #39769)Parent article: BruCON: How to take over the world by breaking into embedded systems
It's surprising that home router devices still use default passwords when the fix is so simple. Generate a random password and print it on a sticker on the underneath of the device. If anyone has physical access to the device, they must be its owner anyway. This wouldn't prevent your children overriding parental controls but it would be good enough for every other home setup.
Or, indeed, make a small switch on the front panel that must be pressed to enable administration mode. Passwords are quite unnecessary when you can just test that the user can physically touch the device.
A third alternative would be to disallow administration over the wireless network; only someone connected over an Ethernet cable can do it.
(Log in to post comments)
Default passwords Posted Sep 30, 2010 14:12 UTC (Thu) by NAR (subscriber, #1313) [Link] Generate a random password and print it on a sticker on the underneath of the device.That's an extra couple of cents... make a small switch on the front panel that must be pressed to enable administration mode That's a couple of cents also and really unfeasible if let's say the wireless router is somewhere in the attic while the computer with keyboard is downstairs... A third alternative would be to disallow administration over the wireless network So you couldn't administer it if you only have wireless devices and don't happen to have a UTP cable at home...
Default passwords Posted Sep 30, 2010 14:57 UTC (Thu) by dlang (✭ supporter ✭, #313) [Link]
you can't use your access point at all if you don't have a UTP cable, so they helpfully include one in the box.
|
|||||||||||||