dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1395
share rss forum feed

whyamihere

join:2008-10-01
Tyler, TX

What are new DSL network password character limits

A few months ago, AT&T changed my PPPoE DSL login PW - w/o notice (and a lot of other folks). The support tech told me that they now only allow 6 (six) character alpha numeric NETWORK connection passwords. Is that true? That seems ridiculously insecure, but maybe true. (The separate email acct PW can be much longer)

Has anyone reset their DSL login PW manually, since late July to Aug. 2012, before I go to the trouble of trying to use a longer PW?

I've looked on their site a lot & not sure - for residential direct DSL (with OUT phone), the page to reset NETWORK connection PW seems to be this page: »www.att.com/olam/loginAction.ola···erType=L

Then (for dry loop, direct DSL) select Internet & Phone.
I can login on the next page, using my master email acct address & it's email PW. After that, it gets fuzzy as to WHICH PW you would be resetting, if you manage to get to a page w/ a PW reset. They don't say if it's the email PW or DSL network (they are different). It's one of the most confusing mazes of pages.

One page from Internet / DSL support, (finally, after dozens of pages) mentions reset DSL network PW. But, no mention if you'll be able to choose a PW > 6 chars, or they'll just generate one. How is 6 characters secure? Page looks like this

quote:
Forgot Password

What's this?

Select Your Password Retrieval Method
Answer Security Questions
These are the security questions and answers that you provided to protect your account.
Receive a temporary password
You'll use this temporary password to reset your account password.

Reset DSL network password

You can either answer your security questions or request a temporary password that you then can use to reset your account password. Please select the method you prefer and if requested, validate your account information.


wayjac
Premium,MVM
join:2001-12-22
Indy
kudos:1

said by whyamihere:

A few months ago, AT&T changed my PPPoE DSL login PW - w/o notice (and a lot of other folks). The support tech told me that they now only allow 6 (six) character alpha numeric NETWORK connection passwords. Is that true?

The dsl network password is system generated and it never leaves the att network.

said by whyamihere:

Has anyone reset their DSL login PW manually, since late July to Aug. 2012, before I go to the trouble of trying to use a longer PW?

The dsl network password is system generated not user created.

said by whyamihere:

That seems ridiculously insecure, but maybe true.

I suggest that you leave this alone you can lock yourself out of internet access.
You should confirm the answers to the security questions and make note of them for future reference

said by whyamihere:

One page from Internet / DSL support, (finally, after dozens of pages) mentions reset DSL network PW. But, no mention if you'll be able to choose a PW > 6 chars, or they'll just generate one. How is 6 characters secure?

You can create a password for the email/account maintenance........
Again, The dsl network password is system generated


NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:11
Reviews:
·SONIC.NET
·Pacific Bell - SBC
reply to whyamihere

I have not been a customer since April, 2011, so I can't address the latest changes. Prior to my departure, having a separate network password was optional. There was a method in place to obtain a new network password without changing the email password; and I went through that process to learn it because a relative had a compromised account password.

As wayjac See Profile states, the network password is system generated. When I initiated the network password change, I got a six-character, alpha-numeric password. This was only for the PPPoE session.

I often questioned the need for a PPPoE login; some ISPs offering DSL service don't require it, using DHCP instead. You can't steal my current DSL Internet connection, even though it isn't password protected. Not without physically connecting to the line; similar to cable.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum


whyamihere

join:2008-10-01
Tyler, TX
reply to whyamihere

Thanks to both. Thanks Norman, for the answer.
Good advice, wayjac (is that a 3 ft wrench you're holding?).
I write the security questions / answers down.

quote:
The dsl network password is system generated and it never leaves the att network.
Except when / if you manually have to enter it into your router / modem.
It's not automatically entered in my router (if it ever is, for anyone). I use AT&Ts gateway in bridge mode.

And except when the PW goes south (as it did another time) & you have to reset it.

You can spend 2 hrs on the phone, while they go thru their script (which I also did), while you plead, for the love of God, just reset the PW.
Or you could reset yourself it in 5 min. Plus another 5 to enter in router & reboot system.

Suggestion to others: Choosing a security question like "What's your fav color?" & Ans. "Blue" or "Red"; or "What was name of your HS?" - aren't secure in the least. Most hackers would guess something like a primary color, & any one can look up what HS you attended on the web. Choose something no one can guess or find out. Or choose answers that don't "match" security questions - & WRITE them down.


wayjac
Premium,MVM
join:2001-12-22
Indy
kudos:1

said by whyamihere:

Good advice, wayjac (is that a 3 ft wrench you're holding?).

If I remember correctly it is about 3 foot long

said by whyamihere:

I write the security questions / answers down.

This is good.
The dsl network password is system generated and it never leaves the att network.

said by whyamihere:

Except when / if you manually have to enter it into your router / modem.

Seriously the dsl network never leaves the att internal network.
When the email password hits the internet it's secured (I think?)

I used att dsl since 2003
And have just one dsl network password and one dsl/email password

said by whyamihere:

Or you could reset yourself it in 5 min.

You must know the security answers to do this so record them.

whyamihere

join:2008-10-01
Tyler, TX

said by wayjac:

Seriously the dsl network never leaves the att internal network.
When the email password hits the internet it's secured (I think?)

Not sure I understand. Unless you're counting the user's modem / router as part of their internal network. The same DSL network authentication, system generated, 6 char PW, has to be manually entered into my router. The router has to resend the PW every few min to keep a connection, of course. I don't consider my router part of their system.

I HAD to have AT&T reset my DSL network PW twice. Once, I could have done it myself, if I'd known what the problem was.

They HAD to reset my email PW at least once (I couldn't do it, even knowing the security info). I believe it had to be reset once more by me - because it wouldn't work - not because I forgot it.
This is since about 2007.


NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:11
Reviews:
·SONIC.NET
·Pacific Bell - SBC

said by whyamihere:

Not sure I understand. Unless you're counting the user's modem / router as part of their internal network. The same DSL network authentication, system generated, 6 char PW, has to be manually entered into my router. The router has to resend the PW every few min to keep a connection, of course. I don't consider my router part of their system.

I don't think I understand your exception, or your concern. The DSL network password is used to authenticate the PPPoE session. The authentication server is a part of the AT&T network. The DSL network password does not go beyond the authentication server; regardless if the PPPoE session is established on the modem, or a router, or computer behind the bridged modem; it stays internal to AT&T.

By contrast, the e-mail password leaves the AT&T network to traverse Yahoo! transit en route to the mail server.

Until some time in 2008, or 2009, my DSL network password was the same as my primary e-mail account password. This was common back to 2001, when I established DSL service with Pacific Bell (which was owned by SBC, but still allowed to bill as, "Pacific Bell" at that time).

Probably subsequent to the AT&T purchase of Bellsouth, AT&T set up the separation of the DSL network password and the e-mail password. A relative had the bad habit of using the same, simple password for everything, and had an MSNIA account stolen. I knew I would be changing her passwords, and decided to experiment with requesting a DSL network password reset on my system, to see how I would implement the change for her (she is an 'at&t Yahoo! HSI' customer).

Separating the two means you don't have to remember to change the DSL network password in the modem/router/gateway every time you change the primary e-mail account password.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum


hyphenated

@bellsouth.net
reply to wayjac

If you have a regular Dsl modem and the stored password is wrong and there is no in between router or dns it will usually forward you to a secure AT&T page to reset your password by using other account information such as DOB and SS#.



wayjac
Premium,MVM
join:2001-12-22
Indy
kudos:1

said by hyphenated :

If you have a regular Dsl modem and the stored password is wrong and there is no in between router or dns it will usually forward you to a secure AT&T page to reset your password by using other account information such as DOB and SS#.

A wrong member id and/or password will be redirected.

This is the member id page:

/r0/download/1343795~24fb019e64295dbf5cb2c3d37d08368b/at&t_redirect.png

This is the member password page:

/r0/download/1343667~fb792cfc819f5bc1465364568e4955b3/Redirect.gif