Many folks seem to be stuck with their Unifi Passwords. It’s actually quite simple.
For the most part, most Shops and Restaurants that provide Free Wi-Fi via Unifi don’t change their Router Password allowing easy access for a nefarious intruder to logon and gain access to the router. Once inside, they’ll be able to do lots and lots of damage, including opening up a permanent backdoor to the router for continuous malicious fun!
Don’t be afraid though, for the most part iPhones are pretty invulnerable to network attacks, ‘most’ Androids as well. However, a small select few who choose to roots their phones and install non-standard pieces of software may be susceptible to.
If you’re on Unifi and find yourself ‘locked’ out of your own router, try these password combinations:
Username : admin
Password : <blank>
*<blank> means don’t enter anything and leave the field blank
Username : admin
Password : telekom
Either of these should get you into your router. If you’re still unable to log onto your router, don’t despair. This is actually a good opportunity for you to practice your newly found skills. The guys over at Unifi Athena have actually come up with a way to find your router password through some very simple and easy steps, check out their tutorial here.
Unifi Passwords at the Kopitiam
Well, for the most part, in about 80% of the kopitiams and cafes I visit that offer Free Wifi, I always log onto the default gateway and try the passwords above. About 80% of the time they work–which is bad. Only about 20% of the cafes I’ve seen actually take 5 minutes off their busy day to change their Unifi Router Password.
If you’re feeling a bit nefarious with someones Wi-Fi. The worst thing you can do is to change the password, this is easily detectable and you’ll soon be found out. I suggest a more subtle approach, where you first setup a DDNS for the router (this allows you to access the router from your home later on), and then have some fun from the comfort of your own home.
Is it safe to logon to a Kopitiam Wi-Fi
The internet is by definition un-secured (or is it insecure?). Every data packet you send over IP is travelling through various networks–most of which may not be secured, you cannot assume your internet connection is secure even if you’re at home. The best security for internet connected devices is on the end points, it’s more important that your phone, tablet or laptop is secured rather than the network.
Most iPhones come with good security provided you don’t jailbreak or root it. Androids are reaching that level soon. If your phone is encrypting all the data leaving it, then even if the network is compromised there’s nothing an attacker can see. To understand how SSL works, check out a previous post of mine here.
One of the first things you should always do is change your router password the moment you get it. Never leave it as a default. Unfortunately, I’m quite sure most TM installation teams don’t do this for their customers, leaving people like the Kopitiams vulnerable to attacks from even the most newbie of hackers.