« Is Information Security Less Important to Business Than a Rumor?
Women as Explained by Engineers »

More Stupid Security

Yes that’s the default username and password for my Netgear wireless router printed during manufacturing on the body of the router and for good measure its the old chestnust of admin and password. The marketing claims this device has a double firewall! When will vendors learn? This beats the old password on a post-it note hands down.

Explore posts in the same categories: Security Bullshit

This entry was posted on May 17, 2007 at 9:27 am and is filed under Security Bullshit. You can subscribe via RSS 2.0 feed to this post's comments. You can comment below, or link to this permanent URL from your own site.

3 Comments on “More Stupid Security”

  1. Stefan Says:
    May 18, 2007 at 9:40 am

    Hello,
    while I agree, that the username/password combination wasn’t a lucky choice, I would think, there is nothing wrong, with printing it on the back side. Whatever is the default setting, would have to be changed for securing the device anyway. And printing it on the back helps the administrator to get the device running more easily, in case it has been purchased second hand or the modified password was lost for some reason.

    There are a lot of things, I would prefer over a secure default password with ssh access to the machine, ssl access to the webgui and a nonactive radio transmitter in the default setup being the most important ones.

    As a last note, I really enjoy reading your website, keep up with with the good content and you will have one loyal reader more.

  2. Chris Says:
    May 22, 2007 at 4:53 pm

    Netgear’s default password implementation is better than most routers that use the same password for everything, as it is much more difficult to hack without physical access to the router. With physical access to any system, given time, it can be hacked. I bet other home routers have reset buttons or other reset routines that will allow the admin password to be bypassed, and it appears that yours does, too. Props to Netgear for at least making it more difficult to hack remotely or via viruses than the bulk of routers out there. No idea what the heck a double firewall on a single device is, though.

  3. mcurphey Says:
    May 24, 2007 at 12:12 pm

    Chris

    Thanks for your comment.

    They do turn off the web interface to the internet by default. That said when my Internet goes down, I still hope into town and connect via no WEP a local shops Netgear. I know its that as using admin and password and then navigating to 192.168.1.1 I get the admin interface ;-)

Comment: