Misconfigurations remain a popular compromise point — and routers are leading the way. According to recent survey data, 86% of respondents have never changed their router admin password, and 52% have never adjusted any factory settings. This puts attackers in the perfect position to compromise enterprise networks. Why put the time and effort into creating phishing […] The post Router reality check: 86% of default passwords have never been changed appeared first on Security Intelligence.
Aren’t routers usually provided with random default passwords these days?
Usually is a strong word, I’d be surprised if it was over 50% of current models
The old AT&T router I had came with a pretty obscure SSID password on a label printed on the side of it. The admin password was also a mix of punctuation and mixed case alphanumerics. I saw a neighbor’s router and it’s SSID password was different. So if these were being machine generated and set, that means there’s some sort of service access and port into the router from AT&T’s side.
Comcast Business Router, however came with a fixed username and password which I had to change when I set it up. I can’t imagine a non-techie person going through this step.
Anyone got a list of default passwords handy?