Default Passwords for World Wide Packets/Lightning Edge Equipment

Joel Esler jesler at sourcefire.com
Wed Jan 6 19:41:14 CST 2010


On Wed, Jan 6, 2010 at 8:26 PM, Steven Bellovin <smb at cs.columbia.edu> wrote:

> On Jan 6, 2010, at 6:24 PM, Jeffrey I. Schiller wrote:
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > An option I saw years ago (I forgot on whose equipment) was a default
> > password which was a function of the equipment's serial number. So you
> > had to have the algorithm and you needed the serial number which was not
> > related to the MAC. So if you didn't have physical access, you were not
> > in a good position to learn the password.
> >
> > I suspect this was a support nightmare for the vendor and I bet they
> > went to a more standard (read: the same) factory password.
> >
> > At the end of the day, minimizing support costs for the vendor (not to
> > mention likely annoyance for the customer) trumps providing "default"
> > security for the folks who won't change the default password.
>
> The MyFi apparently does this.  According to
> http://www.nytimes.com/2009/05/07/technology/personaltech/07pogue.html"The network password is printed right there on the bottom of the MiFi
> itself."
>
>
At least it's not "0000".

But yes, my Mifi *had* the password on the bottom.



-- 
Joel Esler



More information about the NANOG mailing list