NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
How secure is Orbi?
Why is www.orbilogin.com not https? It doesn't feel secure to not use https login in my Orbi.
8 Replies
Pascal1970 wrote:
Why is www.orbilogin.com not https? It doesn't feel secure to not use https login in my Orbi.
...because you're staying within your network...??
Thanks. Of course. As long as the network is protected from the outside it should be no problem ;-). I was puzzled because Chrome is warning me: you're visiting a not secure websited.
Do you not have to be physically cabled into the router to access the orbi login?
for it to be ssl in network you need to be self signed .. self signed certificates will still get the same unsecure error -- only 3rd party certificates are trusted (internet is reqired) --- as long as remote connect is off you shouldn't have to worry
orbilogin.com call is captured by your obi - its kind of a browser hi-jack
some routers do ssl
unifi and synology do -- not sure all models
**other mesh systems like google control the log-in on there servers there ssl there by default and you have no control over it (last time i checked)Self signed certificates can be trusted (for subsequent connections anyway) too. This would provide server side authentication which would prevent other devices on your network from intercepting that magic URL.
Elmwoodie.
Thats a great question. It should be. Even a self signed cert would provide server authentication (after the first connection anyway) on top of encryption on the wire. Its just sloppy not to implement it.
Connections can easily be intercepted internally. Even more so without server side authentication. Its not likely i guess, but still.
Elmwoodie.
