Thursday, September 23, 2004
Default login and password for network devices
I have always wondered, why do device manufacturers put in the same default password for all the units of a particular product. Eg, all Netgear MR814 routers would have the same password - "password". Isnt it possible for manufacturers to generate a different password on every router and then they could add a password sticker either in the casing or on the manual. Is it really that difficult? With consumers lapping up wifi routers, we need to atleast have the basic password security taken care of. No amount of encryption strength can save you, if you have a weak or default password.
Needless to say, you should change the password (and if possible also the username) of any network device as soon as you install it. At the bare minimum, the password should be alphanumeric and atleast 8 characters long. For corporates, enterprises and businesses the network devices need to have stricter password rules.
I still think it is the manufacturer's responsibility to make the user change the password on the first boot-up or install.
Copyright Anand Jain 2004, 2005. All rights