Yondoo provided router, has "password" as admin pw, won't let us change it

typhoon.notice_0a at icloud.com typhoon.notice_0a at icloud.com
Tue Feb 7 00:30:04 UTC 2023


Long time lurker, first time poster. Sorry in advance if this is the wrong forum for something like this.

My mom's ISP (Yondoo) seems to be providing DOCSIS 3.1 CPE (Customer Premises Equipment) with a built-in router, without providing the ability to change the admin password from "password" on it.


Their customer service rep said that this is not only WAI, but also wanted to charge her $50 to have a tech come out and change it. Which is obviously less than ideal.

That aside, this seems like a pretty egregious security standard which, from my understanding, can have fairly dire security implications... e.g., DNS server settings can be pointed at whatever someone wants here.

My mom is elderly and had already fallen victim to a call center scammer a couple years ago. They briefly took control over her laptop before she called for backup. So I'm just a little concerned that we have no control over changing this router's admin password — from “password” — in a pinch, without waiting for a truck roll && shelling out $50.

I've sent her a DOCSIS 3.1 modem that doesn't have a router built-in, in hopes that they'll let us bring our own. She does have Google Wifi, but we can't even put their router into bridge mode. So she would be double NATed and have no control over changing the admin password on the first router.

Anyone have any experience with Yondoo? I've tried reaching out to them on multiple fronts, but have yet to hear back from them on this. A tech is scheduled to come out tomorrow, so the plan is to beg (bribe?) them to let us use our own modem and then take it from there.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20230206/41af6767/attachment.html>

More information about the NANOG mailing list