Top 10 insecure router passwords

Whether it's a public WLAN in a bar or a private wireless network within your own four walls: Routers are the gatekeepers to the network. Often, these important devices only rely on a password to access the administration interface to protect against unauthorized access. This can have fatal consequences: Anyone who knows or easily guesses the password gains access to the entire network. Probably too few users know that the assigned access code plays a key role for the configuration as well as the WLAN network. Eset's security experts have analyzed the latest telemetry data from the company's network scanner and obtained worrying results: several thousand of the over 100,000 devices scanned use default passwords. Often, these devices are in use for many years without being changed.

"Users who do not secure administrator access on their routers are also, in most cases, not protecting their WLAN network with secure passwords. Routers should never be operated with factory-set or weak passwords. The user name should also be individualized, if possible," explains Michael Schröder from Eset. "Common passwords are the first ones cybercriminals try and offer no protection. WLAN keys and administrator passwords in particular should therefore be assigned individually during setup."

Top 10 most popular weak router passwords

1. admin
2. root
3. 1234
4. guest
5. password
6. 12345
7. support
8. super
9. Admin
10. pass

What does the secure router password look like?

The administration interface and the WLAN network of a router are each protected by a password. Under no circumstances should you use the password that the manufacturer supplied with the device. A good router password should be at least 8 to 12 characters long. Users should think of a phrase that contains at least one number and is easy to remember. For example, "My favorite thing to eat is pizza with four ingredients and extra cheese!". If you take the first letter of each word, the result is: "AleiPm4Z+eK!". Users already have a secure password.

Tips for a secure router

Keep firmware up to date: Updates often bring new features and close security gaps. If possible, automatic updates should be activated in the router's menu or updates should be checked for regularly.

Disable remote access: With remote access, users open ports on their device. Although this function brings numerous advantages, it also gives hackers another point of attack. Remote access should therefore remain deactivated.

Enable two-factor authentication (2FA): Modern routers offer the option of activating 2FA. If settings are changed, they must be verified by another source. This confirmation can be done by pressing a specific button on the device or using the phone.

Change WLAN password: The best encryption method is useless if the associated password is easy to guess. Especially with the standard passwords that are set at the factory, there is a risk that hackers will use special programs to automatically test through known passwords.

Disable WPS PIN: "Wi-Fi Protected Setup" (WPS) is a standard for quickly setting up an encrypted WLAN network. Users only need a PIN for this, which can be read on the device. This function should be deactivated because it is easy to crack.

Change network name: Users should give their WLAN a new name (SSID). The default name often contains the manufacturer name and device type. Attackers can then look directly to see if there are any known vulnerabilities in the router.

Source: Eset