[Solved] Why should I bother changing my broadband router's default password?

qubit · Jan 29, 2014

Ok, this isn't quite the numpty question that it first appears and here's my reasoning:

Firstly, there's no threat at all from inside my network from malicious household members, naughty kids etc. So no one's gonna log into it and screw it up. What about an infected PC? Well, I don't remember ever getting a malware infection in the 15+ years I've had PCs since I take all the usual precautions, so this is a very unlikely problem.

Secondly, the external web interface is switched off so no one can attempt to try and log in to it.

Thirdly I have the SPI firewall switched on.

I leave it like this, because I find it very convenient to leave the default password as it is since it prevents me having to do a potential router factory reset should I forget it and can't find it written down somewhere.

So, if you think I have a gaping security hole here, I'd like to hear about it.

EDIT: I have Wi-Fi turned off on my router too. It's ethernet only for me.

brandonwh64 · Jan 29, 2014

They are ways around it but really pointless to try. I usually set them to something other than the default though.

micropage7 · Jan 29, 2014

its up to your situation
if theres no threat its ok to leave it default

FordGT90Concept · Jan 29, 2014

If you want to have unprotected sex, you're responsible for the consequences.

FX-GMC · Jan 29, 2014

FordGT90Concept said:
If you want to have unprotected sex, you're responsible for the consequences.

Those viruses can be slightly more permanent tho.....

qubit · Jan 29, 2014

FordGT90Concept said:
If you want to have unprotected sex, you're responsible for the consequences.

You'll have to do better than that.

Given my scenario, I'd be grateful if you could explain exactly why it's such a risk.

erocker · Jan 29, 2014

Even a simple password that anyone can remember is probably better than using the default password. It's really not a hard choice to make.

qubit · Jan 29, 2014

erocker said:
Even a simple password that anyone can remember is probably better than using the default password. It's really not a hard choice to make.

Oh I know and everywhere else I do just that. It's just so convenient to leave it like this for my routers.

Also, it's just that I've been doing this for years with my routers and have never had a problem so I'm curious to know if I've missed something. From the answers I'm getting here, it looks like I'm doing ok.

In any security related advice one reads you always see them say to change the password and I agree with that in general. It's just that in my scenario, it would seem that I can get away without doing this.

jihadjoe · Jan 29, 2014

The answer really is why not?
It takes minimal effort to set a new password, and in the off chance that you do contact malware that makes use of a table of default router passwords you'll be safer for having changed it.

Sasqui · Jan 29, 2014

Mussels will use one of his Cantennas and take over your network, then your world. Be warned.

Kreij · Jan 29, 2014

It's true that there is but a slim chance your router may be compromised, but if you can make that chance even slimmer through a simple password change it would seem prudent to do so, no?

FordGT90Concept · Jan 29, 2014

qubit said:
It's just that in my scenario, it would seem that I can get away without doing this.

Sure, but for how long? I could envision someone compromising one of your computers through a software exploit then using that terminal to access the router to forward ports, start a service to listen on that port (e.g. RDC), and then they have a backdoor to do whatever they want with your computer, whenever they want. That includes highly illegal things like distributing illegal content (e.g. child porn).

Point is: it's easy to establish reasonable security. There's absolutely no reason not to except general laziness and that is never a valid excuse.

Divide Overflow · Jan 29, 2014

It might be really inconvenient to have to lock my front door and carry a house key around with me everywhere. The area is pretty safe and the chances of someone actually attempting to get in are pretty small. But the cost of that happening? It's well worth the trivial task of securing things properly.

qubit · Jan 29, 2014

Ok thanks people, so it looks like there really isn't much chance of getting nailed by doing this and you have answered my question.

I agree that it's prudent to change it just in case something does find a way in and I've now done it.

95Viper · Jan 29, 2014

I am going to say change it. Why? Depends on your own level of paranoia; and, it is simple for most who understand how to.
And, if need be, you can always set the router back to default, with the original password, anytime you wish.

If the router was supplied by your ISP... chances are they recorded it and you can figure that one out.
Manufacturers probably record them; and, if that data were to leak; all someone would need to do is pull your router info and compare it to get the default passwords. (remote possibility, however, still a possibility)

I do know of a particular (ISP) company that does record the default passwords; so, if they need to access the router they can (for maintenance,customer problems, etc.).

Now, if you block the outside access, all fine and dandy... but, your average user does not even understand what a router actually is... much less blocking outside access or router settings.

And, then there is what Ford stated in post #12.

Three letters... NSA. Be paranoid... be very paranoid! :fear:

redeye · Jan 29, 2014

remember if you have physical access to the router it is moot point... meaning to reset it to default, you just need to hit the reset button for what 20 seconds ...boom ...Your in.

now the The question is can you access the router set up menu from the Internet...?. dont know... have heard of exploits that change your DNS address, from the internet... (my old sagemcom modem, required the serial number to be entered in order to change the dns address... for example if i wanted to change it use unblock-us.com to get the US content from canada...)

their is also the question of the port 30005 (or others) that allow access to the router.

while i have changed the routers password on my router, it is a it is a trivial matter to reset it if you have access to the router...

so really you just need to determine if you can only access the router set up from a non-routable Internet address... (192.168....) i think you can set an apple airport extreme to allow setup over the WAN (internet) but apple does warn you about the security implications...

qubit · Jan 30, 2014

95, redeye - yes, I have turned off web access as in my OP. Leaving the default password with web access on would indeed be a very numpty thing to do.

But I get the point about being extra careful from eveyone's reply and have already changed it.

My router is a TP-Link one, not the one the ISP provided me with, so their backdoors don't apply to me.

remixedcat · Jan 30, 2014

Why wouldn't you change your admin password?

qubit · Jan 30, 2014

remixedcat said:
Why wouldn't you change your admin password?

For convenience, as I explained in my OP. However, you lot have convinced me to do it and I've already done it as I explained above.

remixedcat · Jan 30, 2014

Yey Good jorb

Mussels · Jan 30, 2014

qubit said:
Ok, this isn't quite the numpty question that it first appears and here's my reasoning:

Firstly, there's no threat at all from inside my network from malicious household members, naughty kids etc. So no one's gonna log into it and screw it up. What about an infected PC? Well, I don't remember ever getting a malware infection in the 15+ years I've had PCs since I take all the usual precautions, so this is a very unlikely problem.

Secondly, the external web interface is switched off so no one can attempt to try and log in to it.

Thirdly I have the SPI firewall switched on.

I leave it like this, because I find it very convenient to leave the default password as it is since it prevents me having to do a potential router factory reset should I forget it and can't find it written down somewhere.

So, if you think I have a gaping security hole here, I'd like to hear about it.

because bad people like me with good knowledge of wifi security can breach your network in anything from 10 minutes to 2 weeks. the people who can hack it are limited to say, within 1KM of your location - but if you have a bunch of neighbours you dont know, you cant be sure they wont try and hack you. all it takes is one $30 wifi adaptor off ebay, a spare PC, and patience. the tools are automated these days.

me and a friend competed to see how many networks would could breach in a week (and yes, we left them alone - we just wanted to figure out what brands/settings were secure) and we managed anywhere from 1 to 5 networks a day, depending on security.

the major ISP around here has a flaw in all their older, very common wifi G routers that allows you to crack it within 48 hours, for example - so a scan for wifi G routers with their name in the SSID, start the attack, login to router with default admin/admin, save a backup of the routers settings and open the backup. we then have their phone number and last name (name is used for login) and we can login to their web account if we wanted to and snoop for even more details.

simply changing the routers password would mean we had internet access and possibly access to shared folders on the network, but nothing else.

(FWIW: use WPA2-PSK and a 10+ character password that is NOT a name or word. those take weeks to months to crack, and most people would merely give up. disable WPS 'pin code' features as well, those are a major weakness)

qubit · Jan 30, 2014

Oh yes, using Wi-Fi is a definite no-no in my household - nothing worse than exposing your internal network to anyone within radio range. It's all ethernet cables for me. My bad I forgot to say in my OP that I don't use Wi-Fi. I've fixed this with an edit now.

Great explanation you've got there anyhow.

And yes, I know you're a Bad Person, Mussels.

Tonduluboy · Jan 30, 2014

Been using wireless router for the past 6-8 yrs, replaced few. However, due to my location etc etc i never change my any default password for the same reason with OP.
The closes neighbour is my relative which is 100m away. I saw my cousin hacking other people wireless internet in just a few mins using an illegal software n hardware bought thru internet cheaply.

My point is, most people dont go around n sneak into your router. Even if you have a new password, if somebody who know how to crack it really wanna break into your router there is always a way.
Anyway, if you wanna feel more secure, key in a new password is always a good move.

redeye · Jan 30, 2014

remixedcat said:
Why wouldn't you change your admin password?

sometimes, those that don't have great memory, prefer to leave "unimportant" passwords as is...

(if you forget the password to the router, it is a pain to factory reset your router, and recreate the setup... for example it is a pain in some routers to setup DHCP reservations... having to type in the mac address for each device (mythtv, 3 tuners)... thus sometimes it is easier to leave it at the default password.)

but Mussel's explaination is a good reason to change it to something not stock(although he is explaining that you should not use the default ISP name/password for for SSID, which also applys to the setup page name/password.... if course, the strength of your password then becomes a concern. (or your could allow wifi surfing only on the guest wifi channel... it only allows internet access)

95Viper · Jan 30, 2014

redeye said:
sometimes, those that don't have great memory, prefer to leave "unimportant" passwords as is...

(if you forget the password to the router, it is a pain to factory reset your router, and recreate the setup... for example it is a pain in some routers to setup DHCP reservations... having to type in the mac address for each device (mythtv, 3 tuners)... thus sometimes it is easier to leave it at the default password.)

Most routers that I have dealt with allow you to backup those settings, for those moments of need.

System Name	Quantumville™
Processor	Intel Core i7-2700K @ 4GHz
Motherboard	Asus P8Z68-V PRO/GEN3
Cooling	Noctua NH-D14
Memory	16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s)	MSI RTX 2080 SUPER Gaming X Trio
Storage	Samsung 850 Pro 256GB \| WD Black 4TB \| WD Blue 6TB
Display(s)	ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) \| Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case	Cooler Master HAF 922
Audio Device(s)	Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply	Corsair AX1600i
Mouse	Microsoft Intellimouse Pro - Black Shadow
Keyboard	Yes
Software	Windows 10 Pro 64-bit

System Name	micropage7
Processor	Intel Xeon X3470
Motherboard	Gigabyte Technology Co. Ltd. P55A-UD3R (Socket 1156)
Cooling	Enermax ETS-T40F
Memory	Samsung 8.00GB Dual-Channel DDR3
Video Card(s)	NVIDIA Quadro FX 1800
Storage	V-GEN03AS18EU120GB, Seagate 2 x 1TB and Seagate 4TB
Display(s)	Samsung 21 inch LCD Wide Screen
Case	Icute Super 18
Audio Device(s)	Auzentech X-Fi Forte
Power Supply	Silverstone 600 Watt
Mouse	Logitech G502
Keyboard	Sades Excalibur + Taihao keycaps
Software	Win 7 64-bit
Benchmark Scores	Classified

System Name	BY-2021
Processor	AMD Ryzen 7 5800X (65w eco profile)
Motherboard	MSI B550 Gaming Plus
Cooling	Scythe Mugen (rev 5)
Memory	2 x Kingston HyperX DDR4-3200 32 GiB
Video Card(s)	AMD Radeon RX 7900 XT
Storage	Samsung 980 Pro, Seagate Exos X20 TB 7200 RPM
Display(s)	Nixeus NX-EDG274K (3840x2160@144 DP) + Samsung SyncMaster 906BW (1440x900@60 HDMI-DVI)
Case	Coolermaster HAF 932 w/ USB 3.0 5.25" bay + USB 3.2 (A+C) 3.5" bay
Audio Device(s)	Realtek ALC1150, Micca OriGen+
Power Supply	Enermax Platimax 850w
Mouse	Nixeus REVEL-X
Keyboard	Tesoro Excalibur
Software	Windows 10 Home 64-bit
Benchmark Scores	Faster than the tortoise; slower than the hare.

System Name	EVGA-FX \| Lenny (Lenovo Y480)
Processor	AMD FX-8320 @ 4.5GHz 1.416v \| i7 3610qm
Motherboard	Asus M5A99FX Pro R2.0
Cooling	Phanteks PH-TC14PE
Memory	2x4GB Corsair Vengeance @ 1600 \| 8gb DDR3 @ 1600
Video Card(s)	EVGA GTX780 Classified @ 1228MHz 1.615v \| GT640m LE
Storage	Crucial M500 480GB, WD Caviar Blue 500GB, WD Scorpio Blue 750GB \| Samsung 250GB 840
Display(s)	Qnix QX2710 1440p \| 42" Vizio 3D LCD TV 1080p
Case	CoolerMaster HAF XB Evo
Power Supply	Seasonic G-650
Software	Windows 6.3.9600

System Name	Quantumville™
Processor	Intel Core i7-2700K @ 4GHz
Motherboard	Asus P8Z68-V PRO/GEN3
Cooling	Noctua NH-D14
Memory	16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s)	MSI RTX 2080 SUPER Gaming X Trio
Storage	Samsung 850 Pro 256GB \| WD Black 4TB \| WD Blue 6TB
Display(s)	ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) \| Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case	Cooler Master HAF 922
Audio Device(s)	Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply	Corsair AX1600i
Mouse	Microsoft Intellimouse Pro - Black Shadow
Keyboard	Yes
Software	Windows 10 Pro 64-bit

Processor	AMD Ryzen 7 7800X3D
Motherboard	ASUS TUF x670e-Plus Wifi
Cooling	EK AIO 360. Phantek T30 fans.
Memory	64GB G.Skill 6000Mhz
Video Card(s)	Asus RTX 4090
Storage	WD/Samsung m.2's
Display(s)	LG C2 Evo OLED 42"
Case	Fractal Design North
Audio Device(s)	Topping E70 DAC, SMSL SP200 Amp, Adam Audio T5V's, Hifiman Sundara's.
Power Supply	FSP Hydro Ti PRO 1000W
Mouse	Razer Basilisk V3 Pro
Keyboard	Epomaker 84 key
Software	Windows 11 Pro

Processor	Intel i9-12900k
Motherboard	ASUS Z690 TUF
Cooling	NZXT Kraken 280
Memory	64GB DDR4-4000
Video Card(s)	Zotac RTX 3070
Storage	2x Samsung 990 2GB, 4x WD 18TB
Display(s)	ASUS VG27AQ, Dell U2713H
Case	ASUS TUF GT501
Power Supply	EVGA 1000 G5
Software	Windows 11 Pro

System Name	Senile
Processor	I7-4790K@4.8 GHz 24/7
Motherboard	MSI Z97-G45 Gaming
Cooling	Be Quiet Pure Rock Air
Memory	16GB 4x4 G.Skill CAS9 2133 Sniper
Video Card(s)	GIGABYTE Vega 64
Storage	Samsung EVO 500GB / 8 Different WDs / QNAP TS-253 8GB NAS with 2x10Tb WD Blue
Display(s)	34" LG 34CB88-P 21:9 Curved UltraWide QHD (34401440) FREE_SYNC*
Case	Rosewill
Audio Device(s)	Onboard + HD HDMI
Power Supply	Corsair HX750
Mouse	Logitech G5
Keyboard	Corsair Strafe RGB & G610 Orion Red
Software	Win 10

Processor	Ryzen 9 5900X
Motherboard	Gigabyte X570 Aorus Master
Cooling	ARCTIC Liquid Freezer III 360 A-RGB
Memory	32 GB Ballistix Elite DDR4-3600 CL16
Video Card(s)	ASRock 9070 XT Taichi OC
Storage	Sabrent Rocket NVMe 4.0 2TB
Display(s)	LG 27GL850B x 2 / ASUS MG278Q
Case	be quiet! Silent Base 802
Audio Device(s)	Sound Blaster AE-7 / Sennheiser HD 660S
Power Supply	Seasonic Vertex PX-1200
Software	Windows 11 Pro 64

System Name	YACS amd
Processor	5800x,
Motherboard	gigabyte x570 aorus gaming elite.
Cooling	bykski GPU, and CPU, syscooling p93x pump
Memory	corsair vengeance pro rgb, 3600 ddr4 stock timings.
Video Card(s)	xfx merc 310 7900xtx
Storage	kingston kc3000 2TB, amongst others. Fanxiang s770 2TB
Display(s)	benq ew3270u, or acer XB270hu, acer XB280hk, asus VG 278H,
Case	lian li LANCOOL III
Audio Device(s)	obs,
Power Supply	FSP Hydro Ti pro 1000w
Mouse	logitech g703
Keyboard	durogod keyboard. (cherry brown switches)
Software	win 11, win10pro.

System Name	RemixedBeast-NX
Processor	Intel Xeon E5-2690 @ 2.9Ghz (8C/16T)
Motherboard	Dell Inc. 08HPGT (CPU 1)
Cooling	Dell Standard
Memory	24GB ECC
Video Card(s)	Gigabyte Nvidia RTX2060 6GB
Storage	2TB Samsung 860 EVO SSD//2TB WD Black HDD
Display(s)	Samsung SyncMaster P2350 23in @ 1920x1080 + Dell E2013H 20 in @1600x900
Case	Dell Precision T3600 Chassis
Audio Device(s)	Beyerdynamic DT770 Pro 80 // Fiio E7 Amp/DAC
Power Supply	630w Dell T3600 PSU
Mouse	Logitech G700s/G502
Keyboard	Logitech K740
VR HMD	Linktr.ee/remixedcat // for my music ♡♡
Software	Linux Mint 20
Benchmark Scores	Network: Ubiquiti Unifi Cloud Gateway Ultra/Unifi Switch Ultra 60w/Unifi Switch 8 60w/UAP-AC-LR/LITE

System Name	Rainbow Sparkles (Power efficient, <350W gaming load)
Processor	Ryzen R7 5800x3D (Undervolted, 4.45GHz all core)
Motherboard	Asus x570-F (BIOS Modded)
Cooling	Alphacool Apex UV - Alphacool Eisblock XPX Aurora + EK Quantum ARGB 3090 w/ active backplate
Memory	2x32GB DDR4 3600 Corsair Vengeance RGB @3866 C18-22-22-22-42 TRFC704 (1.4V Hynix MJR - SoC 1.15V)
Video Card(s)	Galax RTX 3090 SG 24GB: Underclocked to 1700Mhz 0.750v (375W down to 250W))
Storage	2TB WD SN850 NVME + 1TB Sasmsung 970 Pro NVME + 1TB Intel 6000P NVME USB 3.2
Display(s)	Phillips 32 32M1N5800A (4k144), LG 32" (4K60) \| Gigabyte G32QC (2k165) \| Phillips 328m6fjrmb (2K144)
Case	Fractal Design R6
Audio Device(s)	Logitech G560 \| Corsair Void pro RGB \|Blue Yeti mic
Power Supply	Fractal Ion+ 2 860W (Platinum) (This thing is God-tier. Silent and TINY)
Mouse	Logitech G Pro wireless + Steelseries Prisma XL
Keyboard	Razer Huntsman TE ( Sexy white keycaps)
VR HMD	Oculus Rift S + Quest 2
Software	Windows 11 pro x64 (Yes, it's genuinely a good OS) OpenRGB - ditch the branded bloatware!
Benchmark Scores	Nyooom.

System Name	My White Theme Desktop PC
Processor	4770k / 4670k
Motherboard	ASUS
Cooling	CM 412 slim
Memory	Kingston 8GB DDR3-1600
Video Card(s)	GTX 770 / GTX 670
Storage	Kingston SSD v300 120GB + 1TB Black + 1TB Green + 1TB Green + 1TB Blue
Display(s)	23" Philips IPS White Slim x 3 / Acer
Case	Thermaltake Revo White Snow Edition / Cooler Master
Audio Device(s)	Creative Sound Blaster 5.1
Power Supply	AC 650w 80+ bronze x 2 White

[Solved] Why should I bother changing my broadband router's default password?

Overclocked quantum bit

Addicted to Bacon and StarCrunches!!!

"I go fast!1!11!1!"

Overclocked quantum bit

*

Overclocked quantum bit

Senior Monkey Moderator

"I go fast!1!11!1!"

Overclocked quantum bit

Super Moderator

Overclocked quantum bit

Overclocked quantum bit

Freshwater Moderator

Overclocked quantum bit

Super Moderator