You probably need to change a password, but not the one you think.
Become a Patron of Ask Leo! and go ad-free!
This is Leo Notenboom for askleo.info.
News reports surfaced this week telling of a newly discovered vulnerability.
Well, it’s certainly not a new vulnerability, and whether or not it’s really
been “newly discovered” is arguable too. But it’s definitely making the
As well it should.
So, let me ask you this: what’s the password to your router? The password
that you use to gain access to the router settings.
If you don’t know, or you’ve never changed it you’re probably at risk.
Here’s how the vulnerability works:
try to connect, over your LAN, to the administration interface of your router.
If you haven’t changed that password, this malware can simply use the default
password to login. Once that happens, all bets are off. One scenario is that
the router might be silently reconfigured to, without warning, take you to some
phishing site when you might think you’re going to a legitimate site like eBay,
Paypal or your bank.
masquerades as an internal user on your LAN …”
So how many of you LinkSys owners have a password of “admin” on your router?
That’s the default password, and if that’s the password to your
router, you’re at risk. If you have a different brand of router, the
default is probably something else, but given the overwhelming popularity of
brands such as LinkSys, Cisco, NetGear, DLink, and a handful of others, it’s
pretty easy for malware to just try them all until something works.
So, if you make only one security change today, change the password on your
router. Remember to keep it in a safe place, of course, so you’ll have it when
you need it later.
Oh, and if you do forget the password later, almost all routers have a
master reset sequence that will restore the router to its initial
configuration, including that default password. Master reset not something you
can do remotely; it typically involves actually pushing a button on the router. You’ll
lose any configuration changes you’ll have made, but at least you’ll be able to
get back in.
Routers are an incredibly important part making sure your local network and
the computers on it are safe from external threats. This vulnerability
masquerades as an internal user on your LAN, so making sure that your router is
configured securely with it’s own unique password is extra important.
And yep … until this morning my router’s password was “admin”.
Not any more.
I’d love to hear what you think. Visit askleo.info and enter 11177 in the go
to article number box and leave me a comment. While you’re there, search over
1,000 technical questions and answers on the site.
Till next time, I’m Leo Notenboom, for askleo.info.