nanog mailing list archives
Re: Comcast storing WiFi passwords in cleartext?
From: Rich Kulawiec <rsk () gsp org>
Date: Fri, 26 Apr 2019 14:30:22 -0400
On Fri, Apr 26, 2019 at 07:06:40PM +0300, T??ma Gavrichenkov wrote:
Also, I've seen people who use the same password (sometimes with few easily reversible modifications) for virtually all the purposes, from the WiFi router up to their e-mail and banking accounts.
This is one of the many risks incurred here: password re-use is amazingly common (sometimes, as you note, with a few easily reversible modifications). Accruing a database full of these means building a target, and the bigger it is, the more valuable target it will become. Also, given that this is a public mailing list, lots of people who didn't know the target existed last week could certainly know it now. I hear all the arguments in favor of convenience but it's worth noting that making things convenient for support ops in this fashion has the unpleasant side effect of making them convenient for attackers. ---rsk
Current thread:
- Re: Comcast storing WiFi passwords in cleartext?, (continued)
- Re: Comcast storing WiFi passwords in cleartext? Valdis Klētnieks (Apr 25)
- Re: Comcast storing WiFi passwords in cleartext? Töma Gavrichenkov (Apr 26)
- Re: Comcast storing WiFi passwords in cleartext? K. Scott Helms (Apr 25)
- Re: Comcast storing WiFi passwords in cleartext? Mark Foster (Apr 24)
- Re: Comcast storing WiFi passwords in cleartext? William Herrin (Apr 24)
- Re: Comcast storing WiFi passwords in cleartext? Valdis Klētnieks (Apr 24)
- Re: Comcast storing WiFi passwords in cleartext? Mike Bolitho (Apr 24)
- Re: Comcast storing WiFi passwords in cleartext? Royce Williams (Apr 24)
- Re: Comcast storing WiFi passwords in cleartext? Stephen Satchell (Apr 25)
- Re: Comcast storing WiFi passwords in cleartext? Töma Gavrichenkov (Apr 26)
- Re: Comcast storing WiFi passwords in cleartext? Rich Kulawiec (Apr 26)
- Re: Comcast storing WiFi passwords in cleartext? Töma Gavrichenkov (Apr 26)
- Re: Comcast storing WiFi passwords in cleartext? Töma Gavrichenkov (Apr 25)