Why You Should Change the Default Password on a Wi-Fi Router

Make it harder for hackers — or even just snoopy neighbors — to screw things up

Picture of a router with cords attached to the back
Tetra Images/Getty Images

A router sits between you and the internet. It's the central networking hub between your computers and phones and the wider network as connected by your internet service provider.

While most people realize the importance of a Wi-Fi password, they often overlook the necessity to have a unique router password. Because the router is so fundamental to information security — especially if you own a Wi-Fi router — you should secure this device just as tightly as you lock your front door at night.

New Routers Use Default Information

Screenshot of the default router login information for a Linksys WRT54GL router
Default Login Information for a Linksys WRT54GL Router.

Wireless broadband routers allow a designated administrator to manage the network through a special account. Anyone who knows this account's username and password can log into the router itself, which grants them complete access to the device's features and information about any devices that are connected.

Most router manufacturers configure their new routers with the same default username and password. The username is often simply the word admin or administrator. The password is typically blank (meaning there is no password out of the box), or it'll use the words admin, public, password, or some other simple word choice. Manufacturers rarely set difficult or secure passwords, because they are meant to be changed when the network is first set up.

In fact, you can access lists of these default router passwords online. We've compiled examples organized by manufacturer: Cisco, Linksys, NETGEAR, D-Link.

Why You Should Change the Password

The default usernames and passwords for popular models of wireless network gear are well-known to hackers and often posted on the internet. If the default password isn't changed, any attacker or even a curious individual who comes within signal range of an unsecured router can log into it. Once inside, they can change the password to whatever they choose, locking the owner out of the router and effectively hijacking the network.

The signal reach of routers is limited, but in many cases, it extends outside a home into the street and into the homes of neighbors. Professional thieves may be unlikely to visit your neighborhood just to hijack a home network, but curious teens living next door might give it a try.

Leaving your network open to anyone because you didn't change the default password is asking for a host of troubles. Invaders could access your computer files, use your internet connection for illegal purposes, and introduce viruses and many other types of malware to your entire network, affecting any and all computers and devices that connect to it in your home.

Managing Wi-Fi Network Passwords

To improve the security of your Wi-Fi network, even if only slightly, change the administrative password on your router when you install the unit. You’ll need to log into the router’s console with its current password, locate the settings for changing the router's password, and then choose a strong new password.

If you also have the option of changing the administrator username (some models don't support this setting), it is wise to change it. After all, the username is half of the credentials necessary for access, and there's no reason to make a hacker's job easier.

WRK54G Router Console - Administration Password
Different routers have different screens. The Linksys WRK54G router, a popular home device, sets its password on the Administration tab of the router's control panel.  Linksys

Changing the default password to a weak one like "123456" does not help. Choose a strong password that is difficult for others to guess and hasn't been used recently.

To maintain home network security for the long term, change the administrative password periodically. Many experts recommend changing Wi-Fi passwords every 30 to 90 days. Planning password changes on a set schedule helps make it a routine practice. It's also a good practice for managing passwords on the internet generally.

If you tend to forget passwords, especially those you use infrequently (and you probably won't be logging into your router very often except to change the password or make a new Wi-Fi password), you can write it down in a safe place — not next to your computer — or in a password manager.