nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Comcast storing WiFi passwords in cleartext?

From: Rich Kulawiec <rsk () gsp org>
Date: Fri, 26 Apr 2019 14:30:22 -0400
On Fri, Apr 26, 2019 at 07:06:40PM +0300, T??ma Gavrichenkov wrote:

Also, I've seen people who use the same password (sometimes with few easily
reversible modifications) for virtually all the purposes, from the WiFi
router up to their e-mail and banking accounts.


This is one of the many risks incurred here: password re-use is
amazingly common (sometimes, as you note, with a few easily reversible
modifications).  Accruing a database full of these means building a
target, and the bigger it is, the more valuable target it will become.
Also, given that this is a public mailing list, lots of people who didn't
know the target existed last week could certainly know it now.

I hear all the arguments in favor of convenience but it's worth noting
that making things convenient for support ops in this fashion has the
unpleasant side effect of making them convenient for attackers.

---rsk
Previous By Date Next
Previous By Thread Next

Current thread: