william(at)elan.net wrote:
Actually, and fairly recently, this IS a default password in IOS. New
out-of-box 28xx series routers have cisco/cisco installed as the
default password with privilege 15 (full access). This is a recent
development.
This is hardly only cisco's problem. Most office routers I've dealt with
also come with default username/password and on occasions when I dealt
with existing installation those passwords have rarely been changed.
True. However I much prefer the old way that Cisco did it. No default
passwords on the box at all. But, no remote administration at all until
a password was set on the console.
Now, there is a default cisco/cisco. Newbie admin creates a new
user/pass, tests thinks it's secure, fails to remove the default, game
over.
What should really be done (BCP for manufactures ???) is have default
password based on unit's serial number. Since most routers provide this
information (i.e. its preset on the chip's eprom) I don't understand
why its so hard to just create simple function as part of software to
use this data if the password is not otherwise set.
The old-school Cisco way works for me. Default is no password if you
have physical access, but no remote access.
--
Jay Hennigan - CCIE #7880 - Network Administration - [EMAIL PROTECTED]
NetLojix Communications, Inc. - http://www.netlojix.com/
WestNet: Connecting you to the planet. 805 884-6323
