Critical Attack Alert “Increasing Risk”: Change Your Router Password Now

Updated January 5, 2025: This story, originally published on January 4, now includes a user guide explaining how to change your router’s administrator credentials from start to finish.

Attackers are in an ideal position to compromise networks thanks to supposedly secure devices protected by default credentials. That’s according to a new report by threat intelligence experts at IBM’s X-Force unit, which warns that a reality check on routers is needed after research revealed that 86% of routers still use administrator credentials by default. Here’s what you need to know and do.

ForbesDon’t click twice: new Chrome, Edge and Safari hack attack warningBy Davey Winder

A Router Reality Check Can Protect You From Hacking Attacks

As I reported at the time, researchers at Broadband Genie recently revealed that 86% of people had not changed their router’s administrator credentials from the factory default settings. Never. Why is this a problem? Well, that means I probably know your admin credentials. By this, I don’t just mean “administrator” and “password”, as one might expect. Any half-savvy hacker knows how easy it is to find specific default credentials for almost any make and model of router. There are even search engines dedicated solely to this task. But it’s even worse. Broadband Genie also reported that 56% of internet users have never reconfigured the router’s default settings. None. 89% had also never updated router firmware. Leaving any newly discovered vulnerabilities there as they were in the factory. All of this explains why IBM’s X-Force threat intelligence analysts issued a router reality check warning. “Why spend the time and effort creating phishing emails and stealing personnel data,” said Doug Bonderud, writing on the IBM X-Force Security Intelligence blog, “when supposedly secure devices are accessible using administrator and password as credentials?”

ForbesUrgent Warning of New Email Hack: Passwords and Email Content ExposedBy Davey Winder

The Growing Risk of Router Attack

Warning of the growing risk of router attacks, Bonderud said attackers who manage to compromise routers can control incoming and outgoing network data, introducing risks including redirecting users to malicious web pages, the ability to execute data from the attacker in the middle. theft attacks, exploiting distributed denial of service attacks as part of a larger botnet of compromised routers such as Matrix, and monitoring user behavior. “The nature of attacks on routers also makes them difficult to detect,” Bonderund warns, “because cybercriminals do not break into routers or take circuitous routes to evade security defenses.”

In my last report on the dangers of default router credentials, Broadband Genie’s resident broadband expert Alex Toft said that leaving the password default is the easiest way for someone to ‘access your router, and this represents “an open invitation for nefarious characters to snoop and take what’s yours.” The fact is that this is not a difficult thing to mitigate, because if you choose a strong enough password, there is absolutely no need to change it again unless you have reason to believe that it has been compromised. You can use a password manager to create such a password and store it securely. So remembering it when you need to use it is no problem.

ForbesGoogle Chrome 2FA bypass attacks confirmed: millions of users at riskBy Davey Winder

Step by Step: How to Change Your Router Administrator Credentials

Before we begin this step-by-step guide, please note that we are talking about changing your router’s administrator login credentials rather than your wireless password. The truth is that it is the default administrator username and password settings that are most valuable to a potential attacker.

1. Open the router configuration settings page. There are several ways to find out where this location is. If you don’t already know, checking your router’s manual or online documentation is a good start. You can also take a look at the sticker on the bottom of your router, as this often has the address for the default settings. You can also try typing 92.168.0.1 or 192.168.1.1 in your web browser. Finally, there is the nerdy nuclear option of typing ipconfig into the Windows command prompt and looking for the router’s IP address under the default gateway setting.
2. Enter the existing default administrator username and password. Try admin and password respectively, it might work. Otherwise, you can find the defaults using an online tool such as Router Password Finder. Again, check your documentation as well.
3. Head to the account management section, often found somewhere like Advanced | System Tools | Administration, but check the documentation if you have difficulty.
4. Change your router’s administrator username and password to something unique, save your changes, and you’re done.