Helping people with computers... one answer at a time.
Routers have several usernames and passwords. One is very important to change for network security.
Hi, Leo. I'm a long-time subscriber to your newsletter and always look forward to receiving it. You've helped me a couple of times in the past and I'm hoping you can help me again. I'm trying to set up the security on my ISP supplied router and change the passwords. I've read a lot of your articles on this and many others but I'm still not sure which passwords to change. I have a wireless network name (SSID) and a key. I also have a router access username (unsurprisingly "admin") and a password. Should I change the name of all four of these or can I change just some subset?
In this excerpt from Answercast #99 I look at how to change the various usernames and passwords on a router - and why it's important.
So, the fact that you have all four of them is very good.
There's basically two passwords that you really want to change: There's one you want to have (because the default is not to have one at all); and there's one you want to change.
The administration password is the password that you supply when you connect to the router in order to configure it or reconfigure it.
You don't need to change the name. In fact, in many routers, you can't change the name - so in this case "admin" may very well be what you're stuck with forever. However, definitely change the password and definitely make sure it's a good strong password.
The reason it's important to change the password is because there is malware that contains a little database of all of the common default passwords on most of the popular routers that are currently available. When the malware runs, it basically goes out to the router and tries to reconfigure it by accessing it with the default password. If it does, lots of things can go wrong.
It's so easily solved; so easily prevented by simply putting on your own secure password to the administration screen.
So, that's probably, I won't say it's the most important one - but it is very important so do that.
The other password you're talking about is the WPA key. In other words, it's the encryption key for your wireless connection.
That's important for two reasons actually. One is that it prevents people who don't know the password from connecting to your wireless access point. And second, it encrypts all of the data that's transmitted between your wireless access point and the computers using it so somebody couldn't listen in and understand what all the data is that is being transmitted back and forth.
Now, the SSID, I keep hearing opinions back and forth on [broadcasting] the SSID. I leave it [broadcasting] enabled. I don't bother changing it - it's up to you.
In my case, I do change the SSID [name]. I have four access points here and I want to know which one I'm connecting to. The SSID [name] lets me know which one I'm using.
Changing it doesn't really improve security at all. Disabling its broadcast, to be honest, really doesn't improve security that much. So do whatever you like with the SSID. Maybe give it a name that means something to you so that you know when you're connected to your wireless access point.
But most important is to make sure that you've got a WPA key that each
computer would need to specify in order to be able to connect up
(Transcript lightly edited for readability.)
Next from Answercast 99- Do I need to be online to perform anti-malware scans or backups?
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.