How to protect your network device from a brute-force attack

Updated 01-12-2017 03:26:35 AM

A brute-force attack is one of the methods an unauthorized user can use to gain access to and control of a password-protected device. The aim of this FAQ is to provide an overview of this attack method, as well as ways to ensure protection from it.

The basic principle of the brute-force attack is to continually guess the username and password for a device. After purchasing a network device like a router, some customers may prefer to use the default login username and password (e.g., “admin/admin,” “admin/123456,” “admin/111111”).

To gain access to a networking device, an attacker can embed code and scripts into malicious websites or software. If customers click on these websites or download the malicious software, the code and scripts will run in the background, constantly guessing the device login username and password without the customer's knowledge. After correctly guessing the username and password, an attacker can log into the router and change any of its settings.

The most effective way to avoid a brute-force attack is to avoid using the networking device's default login name and password, as these are easily guessed in such an attack. Instead, create a complex username and password, consisting of a combination of lowercase and uppercase letters, numbers and special characters. With a unique, complex username and password, a brute-force attack is much less effective, thus preventing an attacker from gaining access to the network device.

Currently, some of our products have already adopted a new web user interface, which has a new password evaluation system that advises customers to set up a new username and password when they log in to the web management page for the first time. This system will automatically evaluate the strength of the password.

This evaluation system will grade your password as Low, Middle or High.

Low: The new password only contains figures or letters.

Middle: The new password is of adequate length and contains a combination of letters and numbers.

High: The new password is of adequate length and contains a combination of lower and uppercase letters, numbers and special characters.

More products will adopt this new password evaluation mechanism in the near future. For those products which haven’t adopted this system, customers are still encouraged to change their login username and password to one with a unique combination of lower and uppercase letters, numbers and special characters. This will effectively protect their network devices from possible attacks.

For added security, our products also feature a protection mechanism to prevent continuous username and password guessing. After multiple failed login attempts, the router will be temporarily locked. This will stop the practice of continuous guessing, further preventing unauthorized access to the networking device.
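The temporary lock described above, modelled as an added example (not TP-Link's firmware code): the class and function names, the failure threshold and the lock duration are assumptions, since the page does not state them. The sample attempts are constructed from the default pairs named earlier in this FAQ.

```python
import hmac
import time

class LoginGuard:
    """Locks the login temporarily after repeated failed attempts."""
    def __init__(self, username, password, max_failures=5,
                 lock_seconds=300, clock=time.monotonic):
        self._user = username.encode()
        self._password = password.encode()
        self.max_failures = max_failures  # assumed value, not from the page
        self.lock_seconds = lock_seconds  # assumed value, not from the page
        self._clock = clock
        self._failures = 0
        self._locked_until = 0.0

    def attempt(self, username, password):
        """Return 'ok', 'denied' or 'locked' for one login attempt."""
        now = self._clock()
        if now < self._locked_until:
            # Credentials are not checked at all while the lock is active.
            return "locked"
        # Always compare both fields, using a timing-safe comparison.
        user_ok = hmac.compare_digest(username.encode(), self._user)
        pass_ok = hmac.compare_digest(password.encode(), self._password)
        if user_ok and pass_ok:
            self._failures = 0
            return "ok"
        self._failures += 1
        if self._failures >= self.max_failures:
            self._locked_until = now + self.lock_seconds
            self._failures = 0
        return "denied"

def replay(guard, attempts, clock_box):
    """Feed (time, username, password) tuples to the guard in order."""
    results = []
    for when, username, password in attempts:
        clock_box[0] = when  # advance the simulated clock
        results.append(guard.attempt(username, password))
    return results

if __name__ == "__main__":
    box = [0.0]
    guard = LoginGuard("owner", "c0rrect-Horse!", 3, 60, clock=lambda: box[0])
    # Constructed sample: three default-pair guesses, then the real login.
    sample = [(0, "admin", "admin"), (1, "admin", "123456"),
              (2, "admin", "111111"), (3, "owner", "c0rrect-Horse!"),
              (62, "owner", "c0rrect-Horse!")]
    print(replay(guard, sample, box))
```

Because the lock applies to the whole login, the legitimate owner is also refused until it expires, which is why the fourth attempt in the sample returns "locked" even with the correct password.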
