Remember Your Home WiFi Password

One call I get quite frequently from my clients is for help in remembering and/or discovering their WiFi passwords. Typically, they have a guest coming to town who wants to connect to their network, but since the password is stored in their computer, they don't remember it. I call this "speed dial syndrome", where you don't remember phone numbers anymore, because you always just select them from your address book.

So, as a way of addressing this problem, I have taken to carrying around my P-Touch labeler and putting the password right on the router. This seems to be an obvious place to look for password when someone asks. You could be a bit more discrete than my photo above and put the label on the bottom or back of the router, but you also need to be able to remember where it is. I have one client who put it in her rolodex, but doesn't typically remember that it is there.

Routers from the 2WIRE company help to solve this problem by labeling every router with its password. On the underside of the router you should see a 10 digit sequence in square brackets i.e. [1234567890] This is the default wireless password for your specific router.

Additionally, you should also place a sticker for the password for the router itself. This password is required to change the settings of your router. The password should be changed from its default when it is installed, as there are a few exploits which can take advantage of routers with default passwords. Of course, since you use this password so infrequently, most people have no idea what it is.

There is one final fallback you can use, too. If you can't remember your password at all, most routers allow you to reset them back to their factory settings, including default passwords so that you can login and modify the settings back to the way you wish.

Do you have questions about your network, your router, your software? Leave them as comments here on the blog or send them along to techiq@welchwrite.com. I'll be glad to answer them.

Elsewhere Online: Default Router Passwords Could Compromise Home Networks

This Slashdot story points up a vulnerability that some people might have left exposed on their home routers from companies like Linksys, D-Link and NetGear.

Whenever I set up a router, I make sure to reset the default password for that router. This is the password that allows you to setup and change settings within the router, not the password you might use to connect to your wireless network. That said, some of you might still be using the default password.

An exploit has been discovered that allows a malicious web page to access your router setup information, if it still uses the default password, and change settings within the router. Not a good thing.

If you are wondering if your router still has its factory default password, drop me an email at techiq@welchwrite.com and I can give you some instructions that will allow you to test for it.

Drive-By Pharming Attack Could Hit Home Networks

Rob wrote in with a link to a CBR Online article discussing drive-by pharming, a new exploitation technique developed by Indiana University and Symantec Corporation. While it's not known if the technique is in use 'in the wild', the exploit could easily co-opt the web-browsing habits of a user that had not properly configured their router. "The attack works because most of the popular home routers ship with default passwords, default internal IP address ranges, and web-based configuration interfaces. The exploit is a single line of JavaScript loaded with a default router IP address, a default password, and an HTTP query designed to reconfigure the router to use the attacker's DNS servers." The article goes on to discuss several related and more advanced techniques related to this one, which security companies will have to keep in mind to guard against future attacks.

(Via Slashdot.)

Technorati Tags: technology, virus, exploit, software, computers, high-tech, protection, network, networking, router, password, passwords