NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Why isn't ORBI Login Secure
I like the product but why is the browser login for Orbi insecure? (http://orbilogin.net/adv_index.htm). IF I change to HTPPS I get a different error. I don't use the phone app becasue I find t...
willemdh wrote:
HTTPS is really important and should also be enabled inside the network. otherwise the password used when logging in, can easily be sniffed by bad actors..
Please add this feature asap...
Done!
It works already. The ugly thing, however, is that Netgear has totally messed up the SSL Certificate on the Orbi line, so modern browsers like Chrome will complain, "The Cert is bad. Don't go there! Oh, no. The sky is falling."
Try it for yourself: https://orbilogin.net. Just ignore the warnings and proceed to the Orbi Home Page. Works great!
Orbi offerts RM:
Remote Management Address: https://###.###.###.###:8443
Its the local LAN side thats doesn't offier https that users are asking about:
Again, most router mfrs don't offer this. Threre are some though.
FURRYe38 wrote:Its the local LAN side thats doesn't offier https that users are asking about:
Au contrair, mon ami. The LAN side DOES support https. Just type it in (https://<ip of orbi>). And, when the web browser says, "WARNING - INSECURE - GO BACK, GO BACK", click on the "Advanced" option (or similar) and go to the web page anyway.
This "give us https" thing has been rattling around for years. It is a long running theme in the "ideas" section.
Idea Exchange For Home - NETGEAR Communities
for example, plenty of them here:
Search - NETGEAR Communities – https
As FURRYe38 says, "http" access does seem to be an "industry standard". And it isn't limited to routers. NAS boxes can play the same game.
Out of interest, has anyone ever reported a security incident on their local network that they can put down to this "hole"?
