back to article What most people think it looks like when you change router's admin password, apparently

The vast majority of punters are potentially leaving themselves exposed to miscreants by failing to change the password and security setting on their routers - according to a survey. Some 82 per cent said they had never changed their administrator password, a poll of 2,205 people by Brit comparison website Broadband Genie …

  1. Zog_but_not_the_first
    Facepalm

    At the risk of becoming tiresome...

    Computers and their associated equipment are NOT WHITE GOODS. People need a willingness to accept that a degree of competence and learning is required at least equivalent to that for driving and routinely maintaining a car.

    Almost NONE of my friends have ever changed the password or updated the firmware on their routers because "they didn't know you were supposed to". And most of them have degrees.

    1. Anonymous Coward
      Stop

      Re: At the risk of becoming tiresome...

      and how exactly does user with ISP supplied router update their firmware?

      And do you really check your tyres weekly? Rather than just going Oooh that looks flat or relying on a TPS which of course may be faulty

      How often do you check the seal on the filler cap?

      Check your lights?

      Check screen washer levels?

      Check all the warning lights come on when you turn the ignition key?

      It's very patronising of IT people to go they should do this or that, when lets face it, they should these days be as easy to use as white goods....which reminds me, did you also check the lint filter in the tumble drier (major fire risk), the drain filter in the washing machine and the drip tray on the fridge recently?

      1. Muscleguy

        Re: At the risk of becoming tiresome...

        Yes to all the above. My wife claimed her car was on the way out because it was making odd noises. I drove her to the airport and noted I could hear the tappets. I checked the oil and it was undetectable. So I put what I had in, went to an appropriate emporium and bought some more and topped it up and the 'odd noises' disappeared. 'but the oil warning light didn't come on' she complained. There isn't an oil warning light, that is just what she calls the engine warning light.

        Cars are increasingly not user maintainable. I went to check the plugs recently and found my plug spanner didn't fit. They are recessed and it is too fat. So I can't clean and gap the plugs any more unless I spend to get an appropriate tool. I was talking to the mechanic about it and he agreed, he has to remember to bring his tools home to work on his cars there.

        If the engine warning light comes on you have to connect an iDevice running the necessary software and with the right cables to it and be able to interpret the information it gives.

      2. Roland6 Silver badge
        Coat

        Re: At the risk of becoming tiresome...

        >did you also check the lint filter in the tumble drier (major fire risk)

        Err no!

        The problem isn't the lint filter so much as the seals between the air recirculation system and the electrical bits, that allow fine fluff to escape the circulation system and accumulate on things that get hot and may spark, like the motor. So it is worth taking the covers off (fancy screwdriver often required) and giving the internals a good vacuum...

        BTW you missed the dishwasher drip tray and the toaster crumb tray. :).

      3. Jason Bloomberg Silver badge
        Paris Hilton

        Re: At the risk of becoming tiresome...

        Just checked -

        Filler cap: Loose

        Lights: Some working

        Screen wash: Empty

        Oil level: Low

        Warning lights: Blown

        Lint filter: Blocked

        Drain filter: Missing

        Drip tray: Mouldy

        Router: root/admin

      4. heyrick Silver badge

        Re: At the risk of becoming tiresome...

        "and how exactly does user with ISP supplied router update their firmware?"

        If your provider is in any way useful, the router will be able to update itself to a build of Linux that is only about two years old...

      5. TonyJ

        Re: At the risk of becoming tiresome...

        And do you really check your tyres weekly? Rather than just going Oooh that looks flat or relying on a TPS which of course may be faulty

        Yep...ever since losing a tyre at 60mph going through Derbyshire (although it turned out to be debris causing it, but lesson learned)

        How often do you check the seal on the filler cap?

        Ok...you have me here. Never checked that per se, but the nice sucking noise I get as I open it to refill reminds me it's got to be sealed ok

        Check your lights?

        Regularly - whenever there's something with enough reflection, I'll check they're all on

        Check screen washer levels?

        For this one, I have a light to warn me but I never check that ;-)

        Check all the warning lights come on when you turn the ignition key?

        Every time. Not even consciously - it's just what I was taught to do when I was learning to drive and it stuck

        It's very patronising of IT people to go they should do this or that, when lets face it, they should these days be as easy to use as white goods....which reminds me, did you also check the lint filter in the tumble drier (major fire risk), the drain filter in the washing machine and the drip tray on the fridge recently?

        Lint filter yes...ever since, of all things, an early episode of The Big Bang Theory when they talked about it.

        As for the drain filter - monthly, since having an engineer out who removed what appeared to be half a sodding tree...nope, no idea either.

      6. quxinot

        Re: At the risk of becoming tiresome...

        Analogy police: Your car having a flat tire is much more potentially likely to kill someone compared against your router having default credentials.

        Your car handling unpredictably can kill someone important.

        Your router being hacked is likely to screw you, mostly. Arguably it could be used in a DDoS someplace, but that's less likely than various other devices (baby monitor cameras for example), and it's unlikely anyone could die.

        I change my passwords (sometimes not very well, depending on how important it actually is... often a stickynote on the bottom has the non-default password sharpie'd into it) on everything. But when it comes to my car, my wife's car, or my motorbikes? I make quite sure that I'm not likely to go out and commit suicide or manslaughter.

        If dying is anything like being injured, it hurts, and that isn't any fun. Don't like that much.

        1. heyrick Silver badge

          Re: At the risk of becoming tiresome...

          Sorry, correction painfully obvious...

          Your car handling unpredictably can kill someone important.

          .

          The day when we accept driving badly maintained cars because we'd only risk killing unimportant people is the day "society" is effectively finished.

    2. DNTP

      Re: At the risk of becoming tiresome...

      Computers are like clotheswashers; you need to be able to figure out what you need to have happen, read a basic bit of information off a clothes tag or manual page, and make some decisions about putting in the correct settings. A mistake will cost a lot of money at worst but generally not death like can happen with cars.

      OK, lets poll my laptop's saved Wi-Fi credentials. Parent's WiFi? Verizon default. Work network? Unchanged since 2012. Friend's house? Another ISP default. Yep.

      Edit: wow the guy above me posted about washing machines a few minutes before I wrote this.

    3. SkippyBing

      Re: At the risk of becoming tiresome...

      'Computers and their associated equipment are NOT WHITE GOODS. '

      Although I have some sympathy with this view, you have to accept the general public don't and aren't likely to change their minds. In which case I would suggest it might make more sense to design routers such that they're forced to change from the default password the first time they use it. And frankly the things are already connected to the internet so they may as well do automatic firmware updates. Like an Amazon Fire or Win 10.

      In short it's easier to avoid accidents if you design systems that work with human behaviour rather than hoping humans will change.

    4. Anonymous Coward
      Boffin

      Re: At the risk of becoming tiresome...

      I think it's worth stopping and thinking how bad a situation this is. Because 'computers and their associated equipment' now means things like radios (I've inherited two fancy internetty radios which have firmware that needs to be updated and probably have security vulnerabilities), TVs and, in fact, white goods.

      So what this means is that things that used to essentially maintenance-free and safe (which radios have been really since valves went away, so say 50 years or so) are suddenly things that require maintenance at the level of a car and are also, increasingly, not safe. This is not an entirely positive development for most people.

      And the cars that these things are as hard to look after as are not the cars we drive around in: they're cars made in some Kafkaesque parody of 1925. Lets say you want to upgrade your router. the first thing you find is that you can't because its at least a year old and no-longer appears in the support pages of its vendor; eventually you find some copy of firmware for it which you fetch by bittorrent; this needs Windows and you're a Mac person; so you borrow a Windows machine from work only to discover that 'Windows' means 'Windows XP'.

      1. heyrick Silver badge

        Re: At the risk of becoming tiresome...

        "find some copy of firmware for it which you fetch by bittorrent"

        ...which sounds like a brilliant recipe for either getting pwned or for turning said device into a brick because it is for the .02463.6743 revision with a different chip than the .02463.6742 that yours says on the label in five point text...

        1. Anonymous Coward
          Anonymous Coward

          Re: At the risk of becoming tiresome...

          Exactly! Doing the equivalent of maintaining your 1925 car turns out to involve dousing yourself in petrol while mucking around with the magneto and hoping nothing bad will happen.

    5. GIRZiM

      Re: most of them have degrees

      Do they get free fries after they finish Work for the day?

    6. Mark 85

      Re: At the risk of becoming tiresome...

      I think the router manufacturers might be on to something good IF they use a username and password that's randomly generated and put a tag on the front of the device. Maybe computer makers and other home IT type equipment should do the same.

      The problem here is the mindset that started with "Plug and Play". Users are accustomed to "just plug it in" and no config necessary. The computer and tech equipment has been dumbed down for the target markets and there it will stay.

      1. heyrick Silver badge

        Re: At the risk of becoming tiresome...

        The recent Livebox models have the user name as "admin" (always has been) but now the password is the final eight digits of the MAC address.

        1. GerryMC

          Re: At the risk of becoming tiresome...

          Similar to my router. However there is one mitigating factor - to even attempt login as administrator on the router, I need to connect to it.

          This requires either plugging into the box, or a WiFi connection. If some achieves this, they are already able to do a great deal of damage.

          This off course assumes that the default WiFi password isn't daft

      2. GBE

        Re: At the risk of becoming tiresome...

        I think the router manufacturers might be on to something good IF they use a username and password that's randomly generated and put a tag on the front of the device.

        No matter how many preachy articles tech journalists write, 99% of consumers are _never_ going to change admin/wifi passwords. That's not going to change. Ever. So the endless harping on this is pointless.

        I think all of the new routers and APs I've seen in the last 7-8 years (even low-end consumer units) came with random admin passwords and random Wifi keys. However, the tag is always on the bottom or back not on the front. This is the only practical solution.

  2. Anonymous Coward
    Anonymous Coward

    Most people get their router from their ISP and their ISP will either update the firmware automatically or not give out firmware for manual upgrades.

    I'm surprised to learn that the random looking keys aren't random though.

    1. Seajay#

      The random looking keys are random. From the article:

      Andy Patel, security expert at F-secure, agreed that newer routers tend to come with a randomised Wi-Fi Protected Access passwords.

      Which makes the whole premise of the article (that people are doing something wrong by not changing the password) false. In fact if they did change it they would almost certainly make it worse.

  3. Phil Endecott

    BT routers come with randomised passwords and I see no reason to change them to something user-selected and likely less random. That must make up a large fraction of the 82%.

    1. Baldrickk

      randomised passwords

      are probably not random.

      For example: https://www.theregister.co.uk/2017/06/23/virgin_media_router_security_flap/

      1. Anonymous Coward
        Anonymous Coward

        Re: randomised passwords

        At least they looked random.

        My one kids apartment complex rolled out free internet and installed WiFi routers in each apartment. And apparently to make it easier for the ISP to administer it all, they assigned passwords that varied only by the apartment building addresses and room numbers. Except for my kids. I was there at the time and made the installers change it. And they had to call the ISP to do that because the ISP was the only one that could change anything in the routers.

        I didn't write down the original password so I can't test if that's still what the other 200+ apartments have.

    2. Wensleydale Cheese
      Unhappy

      "BT routers come with randomised passwords and I see no reason to change them to something user-selected and likely less random. That must make up a large fraction of the 82%."

      But my (non-BT) router has the random looking Wifi passwords printed on a label on it. As does the router supplied to a mate by his ISP, Liberty Global (the owners of Virgin Media).

      And everyone's got cameras on their phones now, bad guys too,

      1. FrogsAndChips Silver badge

        "BT routers come with randomised passwords and I see no reason to change them to something user-selected and likely less random. That must make up a large fraction of the 82%."

        And how complex are these? My ISP-provided router came with a default WiFi password of 8 chars, only lowercase and numbers. I guess it would only take a few minutes to brute-force it.

  4. tip pc Silver badge
    FAIL

    FUD

    to change the admin password of the router you typically need to be on the consumer side of the device. if you've done that already you've either been given the wifi password or have compromised a machine already on the network. The admin password of the router is a much less concern at that point.

    Are there a bunch of security bods in need of work or something and pushing out lame stories of late?

    1. Peter X
      Stop

      Re: FUD

      It probably wouldn't be very difficult to craft some Javascript to poll the usual router IPs, brute force the IP, open the admin interface on the WAN side, and log it somewhere for a hacker to access.

      If they then uploaded modified firmware then you'd never be able to fix it either. It could then route (say) common bank domains through a remote proxy to capture password.*

      * This bit would be beyond me personally, but I suspect a fake site with a LetsEncrypt cert, would be sufficient to fool the aforementioned 82%. The firmware upload might be hard on recent ISP routers also but maybe just changing the nameservers would be enough to redirect certain traffic.

      My point is, I don't think this should be written off a FUD.

    2. Muscleguy

      Re: FUD

      As others have pointed out the passwords to Virgin routers on a label underneath them. As is the IP# web address. If I were to start typing an IP address in this browser it would autofill to our router's address. I have changed the admin pword. It is recorded in munged form only I can interpret.

      The instructions are there on how to do it and there is a both an easy, friendly front end and and advanced one for us braver sorts. I have screen grabbed the settings in case I have to set it up again. Our WiFI pword is both alphanumerical, easy to remember and able to turned easily into Hex. You have to know where we were married (ownership and name changed more than once since then) to have any chance at it. I doubt anyone else there remembers and it was in Southern NZ. The router is in Dundee.

      1. Roland6 Silver badge

        Re: FUD

        >As others have pointed out the passwords to Virgin routers on a label underneath them.

        Which largely make it pointless just changing the password! Because of the reset button!

        You can change the password, however, if you haven't changed anything else significant, like the WiFi SSID and/or key, I can reset your router to factory defaults and you will be none the wiser.

        1. J.G.Harston Silver badge

          Re: FUD

          Because I have guests who want to WiFi into my internet connection I both changes the admin password, the router ID and the WiFi password to things I could remember. Well, not remember, but were easier to tell people than "connect to Virgin2099755, not not 775, 755, password CduuX... no not wx, uux...

      2. Anonymous Coward
        Anonymous Coward

        Re: FUD

        Our WiFI pword is both alphanumerical, easy to remember and able to turned easily into Hex. You have to know where we were married (ownership and name changed more than once since then) to have any chance at it. I doubt anyone else there remembers and it was in Southern NZ. The router is in Dundee.

        I jokingly tell people the passcode for my tablet is my phone number from the mid-60's. There's all of four people besides myself who might still remember it (and it wasn't under my name). Any malevolent party trying to access it would have to do WAY more research than it would be worth to find that.

    3. Notas Badoff

      Re: FUD

      "...or have compromised a machine already on the network."

      Only every PC that connects to the web and allows Javascript execution! You obviously have no idea how capable of network activity browser Javascript is.

      You are uninformed. Oh, strange, that's the topic, isn't it?

  5. Baldrickk

    I haven't changed the firmware on my router...

    ...(barring a short experiment on a disposable netgear to install openwrt) in at least a decade.

    Not that the firmware hasn't been updated - Virgin Media push updates from their end. As a service they provide, it makes a lot of sense that they keep it updated (especially as it is technically their device - it is provided as part of the service). It means Joe Bloggs is freed from needing to keep track of router firmware updates and so on.

    I do make sure that the passwords are all set by me, and stored in my password manager, and make sure my father at least has done the same.

    OTOH, my sister's boyfriend "doesn't do updates" because they "are annoying, take time, and introduce changes" - this is on his mac, which is, as far as I can tell, running without updates from 4 years ago.

    He was espousing the "if it ain't broke" idea, to which my "but it is broken, hence the fixes" fell on deaf ears.

    At least my sister is a bit better at this sort of thing.

    1. Spacedinvader
      Trollface

      Re: I haven't changed the firmware on my router...

      Nothing wrong with not updating, Macs don't get viruses!

      1. Huw D

        Re: I haven't changed the firmware on my router...

        *goes to rant*

        *spots troll icon*

        *goes back to "work"*

    2. Anonymous Coward
      Anonymous Coward

      Hmmm

      >Not that the firmware hasn't been updated - Virgin Media push updates from their end.

      Not sure if there should be a joke icon on there.

      Is that the same VM that can't / wont tell me all the IPs/Ports/services their TiVo connects to, in order to whitelist them in my non VM routers's firewall? I'm not talking the TiVo .com settings, I have these, I'm talking the IP's they use to get what channels I'm subscribed to.

      When I asked there stock replay is you need to use the Superhub 3 as a router as that's what TiVo works with.

      Yes I can try and track them and I'm doing so but if they supplied a list its easier than me trying to do it all myself especially as the Tivo may use the same IP for a while until that IP has an issue and it moves on to a new one if there load balanced scheme.

      Not to mention is it the same VM who took so long to get the fixes out for the latency issues (1 year and still an issue to some people) on the SH3?

      There must be many, many talented people who work at VM, but its a real battle to get to anyone who can offer good IT troubleshooting and support, Any request for help through either the phone lines or the community site and you get a scripted reply.

      1. Muscleguy

        Re: Hmmm

        Since Virgin provide the router free, it is pretty fast AND it is fully user configurable (provided you get one that works) why would you use your own? You could always slave your router of it for the LAN and plug the TiVO into the Superhub. My wife's PS4, 360 and PS2 all plug in via enet without needing to set anything. It just works.

        My wife plays online with the youngest and her beau in NZ at the weekends and it also just works. I can surf from up here at my standing desk while she's doing it no problem. My network only slows down if Time Machine is backing up and I'm running a third party script to keep those down to a more sensible schedule than the Mac default. They really should add that as standard, not everyone is happy using the terminal.

        1. Paul Crawford Silver badge

          Re: "why would you use your own?"

          Dozens of reasons: your own control of firmware, no back-doors, ability to set up different wifi networks for guest and own use, custom firewall rules, maybe running a VPN end point in it, etc, etc.

          1. jelabarre59

            Re: "why would you use your own?"

            Dozens of reasons: your own control of firmware, no back-doors, ability to set up different wifi networks for guest and own use, custom firewall rules, maybe running a VPN end point in it, etc, etc.

            Don't forget "pre-assigned IP numbers" (every router calls it something different). Yes, the Arris routers that Crapcast provides have the ability, but the interface is crap, and the router wants to reset itself for each and every number you put in. A decent DD-WRT or OpenWRT capable router has a CLI (SSH, telnet disabled) which can let you do this with batch commands.

        2. Gavin Chester

          Re: Hmmm

          The short answer is the Tivo is in the lounge and the VM line comes in to the other side of the house...

          Stringing a Cat 5 across the house is not going to get wife approval, more get my strung up ....

          1. Roland6 Silver badge

            Re: Hmmm

            >The short answer is the Tivo is in the lounge and the VM line comes in to the other side of the house...

            If Virgin installed the Tivo box, they will have configured it to use the default WiFi SSID etc. - just a word of warning when you decide to personalise your WiFi.

            In my house the TV/Xbox systems are connected via a pair of powerline adapters to the rtr (Xbox-cable-PAL-ring main-PAL-cable-Rtr). It works very well, although for reason unknown my son experiences connectivity problems if he's been on the Xbox too long... :)

            1. Anonymous Coward
              Anonymous Coward

              Re: Hmmm

              " although for reason unknown my son experiences connectivity problems if he's been on the Xbox too long... "

              Sounds like a peculiar RF phenomenon called Dad Induced Signal Fade. I hear that good grades in school, clean rooms, and general good attitude can actually improve signal strength and reliability.

            2. Gavin Chester

              Re: Hmmm

              With the V6 upgrades VM just send you the box and your on your own to do the install....

              1. Baldrickk

                Re: Hmmm

                Did that last night for my Father. Installing the box was easy.

                Activating the box should have been easy, but the automated activation failed. Then spent 45 minutes on the phone with someone who... lets say her foreign accent overpowered her english.

                When we asked to speak to someone else, we were just put on hold for 10 minutes...

                It's particularly frustrating as they used to have really good service. - or rather, not terrible service.

      2. Jason Bloomberg Silver badge

        Re: Hmmm

        Is that the same VM that can't / wont tell me all the IPs/Ports/services their TiVo connects to, in order to whitelist them in my non VM routers's firewall? I'm not talking the TiVo .com settings, I have these, I'm talking the IP's they use to get what channels I'm subscribed to.

        Not really following you there. My TiVo runs a network link straight up the coax and out of the house which is used for TiVo-to-VM interactions. The network link to the router is entirely separate and optional. It appears the TiVo accesses account and subscription data via the cable modem not through the router.

        Use Home, Settings, Network, and you should see the two connections; the TiVo internal cable modem on 10.*.*.*, the ethernet likely 192.168.0.*

    3. Missing Semicolon Silver badge

      Re: I haven't changed the firmware on my router...

      Yeah. VM update your router, and then factory reset it. This got so boring at a friend's house I eventually reset his network to work with the default settings

    4. Craigie

      Re: I haven't changed the firmware on my router...

      If Mac is anything like iOS then he's forced into such silliness because the ability to roll back is taken away very quickly after installing the update.

  6. Anonymous Coward
    Anonymous Coward

    My own ISP...

    Not naming any names but my ISP just needed to update some settings to solve a query I had open with them, and they asked me to make a new admin account on my router with ... slightly more obscure credentials than admin:admin, but not much. It was blatantly obvious that this was the standard username and password combo they used for all such enquiries.

    I replied that I wouldn't use those credentials, but offered them an alternative with the username 'securitymatters' and a proper password. They accepted it.

    1. Velv
      Trollface

      Re: My own ISP...

      You can always create their standard account then delete the entire account when the work is finished.

      You did delete your suggested account once the issue was resolved, didn’t you?

      1. Anonymous Coward
        Anonymous Coward

        Re: My own ISP...

        If somebody hasn't written a script to check for routers with that username and password combo every five minutes I'd be surprised.

        I did indeed delete my suggested account mere minutes after getting home once the work was done. So about a minute ago. They were kind enough to shut off remote access before they logged out anyway.

  7. Anonymous Coward
    Anonymous Coward

    In parts of Latam, ISP gives Zero / NO access to Router!

    Just wondering if this happens elsewhere or if its unique to the region....?

    1. Hans Neeson-Bumpsadese Silver badge

      Re: In parts of Latam, ISP gives Zero / NO access to Router!

      Can't comment on this. I always toss the ISP-supplied router and replace with something I've bought myself and which is better than the sort of junk that ISPs pass off as being fit for purpose

      1. Boothy

        Re: In parts of Latam, ISP gives Zero / NO access to Router!

        Can't comment on this. I always toss the ISP-supplied router and replace with something I've bought myself and which is better than the sort of junk that ISPs pass off as being fit for purpose

        Unfortunately here (UK), some major ISPs, such as Sky, bake the account details for the *DSL side into the router itself, with no direct access to it, and won't provide the user/pass to the user on request (against their Ts&Cs. So using 3rd party routers can be difficult.

        (There are ways to get the user/pass, but it can be convoluted depending on the router model you have).

    2. Anonymous Coward
      Anonymous Coward

      Re: In parts of Latam, ISP gives Zero / NO access to Router!

      Spain, too.

      And if you try to replace it you'll never get the SIP configuration out of them so you'll lose your phone line.

      It's all about knowing your place in the hierarchy.

  8. Gordon Pryra

    Daily Mail Headline here, meaningless numbers coming from a crappy poll

    82% of users includes home users AND business users?

    Because i bet that if you took the home users out, the number would drop to 2% or something.

    After all its only the American Government and .Govt.uk who leave router passwords as default.

    Home users on the other hand run the risk of not getting support, or worse charged for damage, if they play with settings on the hardware they are supplied.

    Half the time it turns out that the small print means you are only loaned the equipment that you paid so much for and the rest of the time that equipment may as well be black box for all the changes that a home user can make to it.

    1. Norman Nescio Silver badge

      Re: Daily Mail Headline here, meaningless numbers coming from a crappy poll

      82% of users includes home users AND business users?

      Because i bet that if you took the home users out, the number would drop to 2% or something.

      After all its only the American Government and .Govt.uk who leave router passwords as default.

      Cough. If you take the home users out, you are still left with reams of small businesses, many of whom will have neither the time nor the expertise to fiddle about with router settings.

      Dilbert (or rather, Dogbert) had the ultimate answer to router administration problems back in 1996

      Dilbert:The Network Administrator

  9. Hans Neeson-Bumpsadese Silver badge

    Although I've updated the network name, passcode and admin password, I've never updated the firmware on any router. My reasoning is a case of balancing risk of two different events.

    Possible event the first - some miscreant finds my router and manages to hack their way into it by exploiting an unpatched vulnerability in the firmware

    Possible event the second - I update the firmware in good faith, only to have the router suffer because of some bug in the firmware. When I eventually get back online I read an El Reg article about how the latest firmware from <x> is bricking routers up and down the country.

    On balance, I fear well-intentioned vendors more than I fear ill-intentioned hackers.

    But that's just me - YMMV

  10. Muscleguy

    When we upgraded our TV Box, Virgin included a slightly upgraded router and I therefore installed it. But it would not remember when I changed the login password or anything else. I repeatedly had to reset it to get back in only for the same things to happen. I rang their tech line and the Indian grunt had no idea why I should want to or what to do about it. I was fortunately escalated up the chain to a most helpful and very knowledgeable English guy who sensibly suggested I simply reinstall the old one and facilitated that.

    My experience with the grunt though strongly backs this up. I expect I was the only person he had ever dealt with who did anything of the sort. Our router is renamed, has a custom pword, does not broadcast (you have to know it's there AND the correct name) AND there is MAC address filtering so your device needs added unless I tell you the name of the Guest mode and pword (of course it has a pword).

    I'm not even a techie, I'm a bioscientist. I've just informed myself over time. At one time I ran Mac support for our large lab because IT didn't have a Mac specialist. Instead of waiting for them when new kit arrived I would note the MAC, inform them and it was on the network by the time I got it fully out of the box.

    My wife does have a CompSci degree but I still run IT support in the home, including on her Windoze laptops. Turning the wifi on and off is a difficult thing apparently. Though to be fair it's harder than on the Mac (click symbol on menu bar, choose turn off, turn back on).

  11. Joe Harrison

    Don't screw with your ISP router

    I have a Sky Q router which does some really counter-intuitive things in order to support its wireless mesh for delivering TV all over your house. If I did change its default passwords and something weirdly unexpected happened then I could be forced to spend all afternoon getting the answer out of their call-centre, and frankly I'd rather not.

    While I'm here, if anyone knows how to configure a Sky Q router to allow its wirelessly-connected devices to talk to ethernet-connected devices please kindly let me in on the secret.

    1. Anonymous Coward
      Anonymous Coward

      Re: Don't screw with your ISP router

      Powerline adaptors don't work. (They have their own built in but not enabled)

      Reset/Disable Wifi then Connect Main box to internet (wired of course)/Connect Mini Box to Main Box disable wifi.

      Contact sky to replace mini boxes because it doesn't work.

      Rinse and repeat. It's pot luck. Alternatively you can use your own wireless network instead of it creating its own, that works.

  12. John70

    When I get a new ISP supplied router I put it into modem mode and use my own router.

  13. GIRZiM

    So, people can't be bothered to learn the basics of how the world works

    https://www.youtube.com/watch?v=Pn0WdJx-Wkw

  14. Ol'Peculier

    I was staying in a hotel in Vietnam a couple of years ago and the WiFi had become a bit crappy. I only had a tablet with me, but I logged onto the gateway, guessed they hadn't changed the password, and wham, in I am to the config pages.

    All I did was reset the thing which sorted out the problem, and I did deliberate if I should tell reception how bad their security was when checking out but decided not to. I didn't want to spend the next couple of weeks looking over my shoulder...

    1. Anonymous Coward
      Anonymous Coward

      "helping" adminn

      I did something similar a couple of years back. My old neighbor was stepping on the same WiFi channels as my router. I helpfully set them to a different channel. i don't remember what brand of router they had, but it seemed to want to keep going back to "my" channel.

  15. Claptrap314 Silver badge

    US ISP-provided routers are uniformly garbage.

    At least on the wifi side. So..I picked up my own wireless, and made it the only device on the provider router. I changed providers last month--the devices in my house never lost the connection to my wireless. As soon as it got the new lease, we were back on.

    And yeah, I update firmware, set passwords, use my own SSID, and don't use 192.168.0. Which was really convenient since the ISP-provided router did you 192.168.0. :D

  16. Anonymous Coward
    Anonymous Coward

    One of the better router security sites....

    https://routersecurity.org/

    The author of this site did a section on Asus routers which helped me FINALLY figure out why I kept seeing Affirmtrust certs on devices.

    TrendMicro partnered with Asus and TrendMicro uses AffirmTrust certificates.

  17. SouthernLogic

    Another group of people who cannot pass the turing test.

  18. Anonymous Coward
    Anonymous Coward

    Ignorance is bliss

    No one really makes an effort to educate consumers on digital security so it's no surprise that so many entities are easily hacked by not changing the most basic router security settings. What's worse is that the bad guys are years ahead of the public hacking disclosures. There are so many infected systems being used to attack enterprise, compromised systems that expose so much personal data, etc. that it's almost incomprehensible. The FARCEbook debacle isn't even the tip of the iceberg when it comes to personal data being stolen / misused.

  19. Aristotles slow and dimwitted horse

    Oh, I thought we were talking about serious threats...

    "Including changing the thermostats and lighting, or getting the smart TV to control the home's audio."

    Crikey. Call the cops...

  20. imanidiot Silver badge
    Unhappy

    Got that covered

    My router password is so secure I can't even remember it myself. I'll have to run a reset to factory defaults on the thing at some point because for the life of me I can't remember what the hell I set it to. It's definitely not what I am convinced I set it to...

  21. UnkDB

    Do I get a lollypop?

    I use BT for broadband and Sky for TV.

    Last week Sky engineer installed Sky Q.

    1. Went straight to my router and pulled out the card to connect his iPad to my Wi-Fi. Was most upset when I told him I had changed SID and password. Connected him via WPS...not sharing my password with a stranger (yes, I know it's not the admin one).

    2. When connecting the Sky Q - I asked him to used the Ethernet cable that was sitting there waiting for him. He's been told he should use Wi-Fi and has never plugged an Ethernet cable into a Q box; and said I might even have to revert to Wi-Fi if I have support problems.

    Duh? Why else would they have an Ethernet port or configuration options in the software?

  22. Anonymous Coward
    Anonymous Coward

    I just manipulate the network detection feature on a router with a packet using a "1" as my key, and wait for the reply...

    1x whatever their key is usually their key in maths. I dont really care if their using WPA or WPA2 or what the router is. The only ones i find difficult are ones secured by an authentication server.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like