Analysis Of Default Passwords In Routers Against Brute-Force Attack

Abstract Password authentication is the main means of access control on network routers and router manufacturers provide a default password for initial login to the router. While there has been many publications regarding the minimum requirements of a good password how widely the manufacturers themselves are adhering to the minimum standards and whether these passwords can withstand brute-force attack are not widely known. The novelty of this research is that this is the first time default passwords have been analyzed and documented from such a large variety of router models to reveal password strengths or weaknesses against brute-force attacks. Firstly individual default router password of each model was collected tabulated and tested using password strength meter for entropy. Then descriptive statistical analysis was performed on the tabulated data. The analysis revealed quantitatively how strong or weak default passwords are against brute-force attacks. The results of this research give router security researchers router manufacturers router administrators a useful guide on the strengths and weaknesses of passwords that follow similar patterns.