Too much security won’t spoil the router, will it make it better?

May 18th, 2009 by Olga Koksharova
Category: «General», «Passwords & Human Factor», «Security», «Software», «Tips & Tricks»

A number of D-link routers are now equipped with captcha feature. Sounds interesting. 

Chief technology officer in D-link says: "We are excited to be the first in the market to implement captcha into our routers, providing yet another layer of security to our customers".

No doubt, captcha is a wonderful spam filter for mails and a reliable obstacle to unauthorized access in the web, but is it as good for routers as for the web? Dan Goodin from the Register says that SourceSec Security Research bloggers easily found a way to change router settings, even avoiding the necessity to pass the captcha test. The new feature still allows gaining password’s salted MD5 hash and captcha image’s input from the GetRequest. The Register (we too) suggest using strong passwords instead. And of course, you should take care about the strength of your WPA/WPA2 password as well; Elcomsoft Wireless Security Auditor will help.