Password Management for Home Network Routers


Home broadband routers provide special configuration functions for setting up and managing the local network. To protect routers and their networks from malicious attacks, home routers require their owners to log in with a special password before they can change or even see the configuration settings. Router passwords are a highly effective security aid if properly managed, but they can also be a source of frustration.

Default Router Passwords

Manufacturers of broadband routers build their products with preset (default) passwords. Some router vendors use a single default password across all of their products, while others use a few different variations depending on the model. Whether a router is purchased directly from the manufacturer or through a retail outlet, its default password is the same. In fact, millions of routers sold around the world by various vendors all use the same password, “admin,” the most common default choice.

Changing Router Passwords

Default passwords for all mainstream routers are public information widely posted on the Internet. Hackers can use this information to log into other people’s unprotected routers and easily take over entire networks. To improve their network security, owners should immediately change the default passwords on their routers.

Changing a router’s password involves first logging into the router’s console with its current password, choosing a good new password value, and finding the location inside the console screens to configure the new value. Exact details vary depending on the kind of router involved, but all routers provide a user interface for this purpose. Some routers additionally support a more advanced feature that causes a password to expire automatically after a set number of days, forcing owners to change it periodically. Security experts recommend using this feature as well as choosing “strong” router passwords that are tough for others to guess.

Changes to a router's password do not affect the ability of other devices to connect to the router.
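The advice above to replace the default with a “strong” password can be checked before the new value is typed into the router console. The following is an added example, not part of the original article: the default list (apart from “admin”), the word list, and the 60-bit threshold are constructed assumptions.

```python
import math
import re

# Constructed sample of published defaults; "admin" is the one the article
# names, the others are illustrative assumptions.
KNOWN_DEFAULTS = {"admin", "password", "1234", "12345", "default", "root"}
# Constructed mini word list standing in for a real dictionary file.
DICTIONARY = {"router", "network", "internet", "welcome", "dragon", "home"}
# Simple character substitutions that guessing tools undo before matching.
LEET = str.maketrans("0134578@$!", "oieastbasi")


def normalize(password):
    """Strip leading/trailing non-letters, then undo substitutions."""
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", password.lower())
    return core.translate(LEET)


def pool_bits(password):
    """Rough guess resistance: length times log2 of the character pool."""
    pool = 0
    if re.search(r"[a-z]", password):
        pool += 26
    if re.search(r"[A-Z]", password):
        pool += 26
    if re.search(r"[0-9]", password):
        pool += 10
    if re.search(r"[^a-zA-Z0-9]", password):
        pool += 33
    return len(password) * math.log2(pool) if pool else 0.0


def check_router_password(password, min_bits=60.0):
    """Return reasons to reject; an empty list means acceptable.

    min_bits is an assumed threshold, not a value from the article.
    """
    problems = []
    lowered = password.lower()
    variants = {lowered.translate(LEET), normalize(password)}
    if lowered in KNOWN_DEFAULTS or variants & KNOWN_DEFAULTS:
        problems.append("matches a published default password")
    if variants & DICTIONARY:
        problems.append("dictionary word with simple substitutions")
    if pool_bits(password) < min_bits:
        problems.append("too short or too few character types")
    return problems
```

A value such as “Adm1n!” is still rejected as a default, because the substitutions and trailing symbol are undone before comparison.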

Recovering Forgotten Router Passwords

Owners tend to forget the password their routers are configured with unless they log into them regularly. (They should not use this as an excuse to keep a manufacturer's default password in place, however!) For obvious security reasons, routers won’t show their password to someone who doesn't already know it. Owners can use either of two approaches to recover router passwords they have forgotten.

Third-party software utilities called password recovery tools offer one way to uncover forgotten passwords. Some of these tools run only on Windows PCs, but various others are designed to work with routers. The more popular password recovery tools implement mathematical techniques, including so-called “dictionary attacks,” to generate as many different password combinations as possible until they guess the right one. Some people refer to this type of tool as “cracker” software because the approach is popular with network hackers. Such tools are likely to succeed in recovering the password eventually, but they may take many days to do so, depending on the choice of tool and how easy or difficult the password is to crack. A few alternative software utilities like RouterPassView simply scan a router for passwords it may keep stored in backup locations of its memory rather than running elaborate guessing algorithms. Compared to cracker utilities, these scanning tools run much faster but are less likely to succeed.

The hard reset procedure provides a more convenient alternative to router password recovery. Instead of spending much time and energy trying to discover an old password, resetting the router allows the owner to erase passwords and start fresh with a new configuration. All routers incorporate a hard reset capability that involves turning the unit off and on while following a special sequence of steps. The 30-30-30 hard reset rule for routers works for most types; specific router models may support other variations. Simply powering a router off and on by itself (a “soft reset” procedure) does not erase passwords; the extra steps of a hard reset must also be followed. Note that router hard resets erase not only saved passwords but also wireless keys and other configuration data, all of which must be re-configured by an administrator.

In summary, both third-party software tools and router resets can be effective in recovering lost passwords on a router. Individuals may safely run password recovery tools on their own routers but should never introduce the software onto other networks, as serious legal consequences can arise. If preserving a forgotten old password is unimportant, owners can simply hard reset their router and set a new password, which takes relatively less effort.