VoIP Phone Users Warned About Risks of Default Settings

[HardOCP News]

While I am sure none of you guys would get caught running ANYTHING with default security settings, we all know people that probably do. Let's make the world a safer place by forwarding this link to the people in our lives that still use default passwords.


UK-based security consultant Paul Moore was recently hired to observe the installation of VoIP phones in a company and noticed a worrying practice that is likely present in many homes and organizations — the default settings, including default passwords, are not changed after the devices are installed. The problem, as Moore and other experts have pointed out, is that the default configuration is rarely secure. In many cases, the administration interface of VoIP phones can be accessed with a default password, which is usually very weak (e.g. “admin”), or without any sort of authentication.

 

[sfsuphysics]

Hey who hasn't seen a neighbor's wifi router suddenly pop up, and just out of curiosity you check the default admin password and sure enough it works every now and then!

 

[snowcrash]

Instead of saying the risks of default settings, why not just come right to the point and say to change the default password in the article title? That is it. There is nothing else that are absolutely required to change.

 

[FLECOM]

all my voip phones are default settings, because they are behind nat anyway

 

[nutzo]

all my voip phones are default settings, because they are behind nat anyway

That's fine until someone happens to get past your firewall/router and onto your network.