On Wed, Jan 6, 2010 at 8:26 PM, Steven Bellovin <s...@cs.columbia.edu> wrote:
> On Jan 6, 2010, at 6:24 PM, Jeffrey I. Schiller wrote: > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > An option I saw years ago (I forgot on whose equipment) was a default > > password which was a function of the equipment's serial number. So you > > had to have the algorithm and you needed the serial number which was not > > related to the MAC. So if you didn't have physical access, you were not > > in a good position to learn the password. > > > > I suspect this was a support nightmare for the vendor and I bet they > > went to a more standard (read: the same) factory password. > > > > At the end of the day, minimizing support costs for the vendor (not to > > mention likely annoyance for the customer) trumps providing "default" > > security for the folks who won't change the default password. > > The MyFi apparently does this. According to > http://www.nytimes.com/2009/05/07/technology/personaltech/07pogue.html"The > network password is printed right there on the bottom of the MiFi > itself." > > At least it's not "0000". But yes, my Mifi *had* the password on the bottom. -- Joel Esler