dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1796
share rss forum feed


routerhelp

@bahnhof.se

Weak router access password?

the router access password (the password that you enter to get access to the router's settings using your browser) for the Medialink MWN-WAPR150N is very weak. should i be worried that some stranger (assuming they don't have physical access) can wirelessly connect to my router and make changes to my router's settings?

i do have a strong wpa2 password; do they have to guess that one correctly first before they have a chance to guess the (much weaker) router access password?

would your answer change if we were discussing a router from a different manufacturer, or do they usually all work the same way?


darcilicious
Cyber Librarian
Premium
join:2001-01-02
Forest Grove, OR
kudos:4
Reviews:
·Frontier FiOS

1 recommendation

It sounds like you're talking about the default password to access the admin settings for your router; if so, then yes, you should change it.

(Also, often times, the administration interface is available over the Internet in which case no, a user would not need to know the wpa2 password to mess with your router settings.)


routerhelp

@dfri.se
well it's already as strong as my router will let me set it; the maximum password length is only 12 characters. it's not just this manufacturer either. some of netgear's routers also have a 12 character maximum on their password.

if i disabled the "remote web management" feature, is there another way the user could bypass the wpa2 password? according to the manual, the "remote web management feature" does this:

"This section is to allow the network administrator to manage the Router remotely. If you want to access the Router from outside the local network, please select the "Enable"."

is this what you were talking about? if disabled, would i still be in danger?


darcilicious
Cyber Librarian
Premium
join:2001-01-02
Forest Grove, OR
kudos:4

1 recommendation

As long at the admin password isn't the default one, then you're relatively safe; and yes, disabling remote admin access ("remote web management") is generally a good idea unless you really need that functionality.


routerhelp

@torservers.net
even if my admin password is the default one, am i not safe if remote admin access is disabled and i have a strong wpa2 password?

neilsh

join:2004-08-12
Bellevue, WA
said by routerhelp :

even if my admin password is the default one, am i not safe if remote admin access is disabled and i have a strong wpa2 password?

No you're not safe. There are attacks that force a connection from your computer back to your router if you haven't changed the default password. Don't assume all attacks come externally to your network.

»www.techspot.com/news/39724-mill···ack.html


Da Geek Kid

join:2003-10-11
::1
kudos:1
Reviews:
·Callcentric

1 recommendation

reply to routerhelp
anything on the network can be hacked... so, if you are extremely worried and need some sleep. You could always turn off all the devices including the router off before you go to sleep.

but turning off the remote web management should resolve this issue.