The top 10 insecure router passwords
Users neglect the security of their network entry doors: Insecure router passwords are still used too often. IT security specialist ESET has compiled a "hit parade" of the most insecure passwords.
Whether it's a public WLAN in a bar or a private wireless network within your own four walls: Routers are the gatekeepers to the network. Often, these important devices only rely on a password to access the administration interface to protect against unauthorized access. This can have fatal consequences: Anyone who knows or easily guesses the password gains access to the entire network. Probably too few users know that the assigned access code plays a key role for the configuration as well as the WLAN network.
Never rely on default passwords
Security experts from ESET have analyzed the latest telemetry data from their network scanner and obtained worrying results: Several thousand of the more than 100,000 scanned devices use default passwords. Often, these devices are in use for many years without being changed. To improve password security and raise awareness of the issue, the specialists are now publishing the top 10 weak router passwords.
"Users who do not secure administrator access on their routers are also, in most cases, not protecting their WLAN network with secure passwords. Routers should never be operated with factory-set or weak passwords. The user name should also be individualized, if possible," explains Michael Schröder, Security Business Strategy Manager DACH at ESET. "Common passwords are the first ones cybercriminals try and offer no protection. WLAN keys and administrator passwords in particular should therefore already be assigned individually during setup."
Top 10 most popular weak router passwords
- admin
- root
- 1234
- guest
- password
- 12345
- support
- super
- Admin
- pass
What do secure router passwords look like?
The administration interface and the WLAN network of a router are each protected by a password. Under no circumstances should you use the password that the manufacturer supplied with the device. A good router password should be at least 8 to 12 characters long. Users should think of a phrase that contains at least one number and is easy to remember. For example, "My favorite thing to eat is pizza with four ingredients and extra cheese!". If you take the first letter of each word, the result is: "AleiPm4Z+eK!". Users already have a secure password.
More tips for a secure router
- Keep firmware up to date: Updates often bring new functions and close security gaps. If possible, activate automatic updates in the router's menu or check for updates regularly.
- Disable remote access: With remote access, users open ports on their device. While this feature brings numerous benefits, it also gives hackers another point of attack. Remote access should therefore remain deactivated
- Enable two-factor authentication (2FA): Modern routers offer the option of enabling 2FA. If settings are changed, they must be verified by another source. This confirmation can be done by pressing a specific button on the device or using the phone
- Change WLAN password: The best encryption method is useless if the associated password is easy to guess. Especially with the standard passwords that are set at the factory, there is a risk that hackers will automatically test known passwords using special programs.
- Disable WPS PIN: "Wi-Fi Protected Setup" (WPS) is a standard for quickly setting up an encrypted WLAN network. Users only need a PIN for this, which can be read on the device. This function should be disabled because it is easy to crack.
- Change network name: Users should give their WLAN a new name (SSID). The default name often contains the manufacturer name and device type. Attackers can then look directly to see if there are any known vulnerabilities in the router.
Source and further information: ESET
