Ken's Korner Newsletter Logo March 2020
Default Passwords

Change the Password!

Most people never change the default password that come with their device. Whether it is a Wi-Fi router, Internet camera or any of a myriad of IoT connected devices. The manufacture uses a default password that, in most cases, is the same for every device.

For example with the
Comcast business class cable gateways the user name is cusadmin and the password is highspeed. Netgear routers come from the factory with the user name set to admin, the password is password and the local address is www.routerlogin.com. I am not revealing any closely guarded state secrets her. This information is readily available on-line, just search for, “Netgear default user name and password” and look at all the places that know your password.

These defaults are intended for initial setup and testing.
Most vendors recommend changing the default settings before deploying the device into actual use. Logging in with blank, default or common passwords is a widely used attack technique that hackers often find successful.

Keep your password secure. Some devices come with a unique password,
assigned to the device during the manufacturing process. The password is printed on the outside of each device. This is a little more secure but changing the default is still a good idea. If the unit is in a closet or other accessible location a hacker could just look on the bottom of the device, even take a picture of it with a smart phone and then they have your information.

The process for setting the user name and password is usually pretty simple.
The instructions that come with the device usually describe how to set a new password. If not, you can usually find the instructions on the manufactures website.

Once you have changed the password,
write it down and keep it in a secure location. If you ever reset the device it will go back to the default password and you will have to change it again. Updating the firmware will not change the password.

And don't use any of the common passwords,
like “password” or “12345678”. That really isn't any more secure than the default password. Do a search for common passwords and make sure you don't use any of them. If possible use a passphrase and remember that with passwords longer is better.

In the September 2017 edition of the newsletter,
(http://kdubrovin.com/pub/newsletter/sep2017.html) I discussed secure passwords and how to test them. Here is another tool for checking passwords that is even better, (https://www.safetydetectives.com/password-meter/) and a shout out to Adam Roger, thanks for that!

Using the same password

Don't use the same password for all your security needs.
While that may be easy to remember it means that if someone gets your password they have access to everything. Don't make it any easier for the hackers. If trying to remember all those passwords is getting to be too much consider using one of the password managers like Dashlane, (https://www.dashlane.com/) or Lastpass, (https://www.lastpass.com/) to name but a few of the password managers out there.

And remember — always back it up!

 

 

Go back to the top

To get the Ken's Korner Newsletter delivered to your Inbox CLICK HERE