Range extender was compromised due to Admin setup

My 2000 extender was compromised due to default admin access.  I do not want that to happen again on new 2500.  There is no place in setup to change this default from admin and password.  Most routers have the ability to change these as many are being compromised someway when not changed.  There are sites just for info on how to screw up the routers and extenders.  The 2000 goes immediately to a bad site and resetting it does nothing.  If I go directily to my main DSL  router wifi, all is fine.  That default access was changed up front and it is a netgear ADSL2+ from AT&T. How do you get into the 2000 and 2500 to change the default access name and password?  Also how do I get drid of the 2000 bios or whatever that is going to a bad page when connected to it?