NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
This is a terrible bug/feature
This is a terrible bug/feature. Why add these security questions if you don't go through the proper steps to make sure they are reliably correct for the end user? Nothing is more frustrating then getting locked out of a device I paid for. I shouldn't have to factory reset my router and go through the trouble of updating my settings if you can't maintain a functional product.
3 Replies
My personal experience with Password Recovery was "interesting". After entering a password incorrectly three times in a row, the page came up. I entered the router serial number (which demonstrated that I had physical access to the router) and was not able to get past the security questions. What appears to have happened was that during the initial configuration, I had skipped over the step of deliberately enabling the Drop Down Menu and selecting each security question, and entering the answer. Since I had not done that step, none of the questions had been selected and no answers were recorded.
After much swearing, I did a Factory Reset and reconfiguration. This time, I was very careful to go through the process. Click the arrow. Pick a question. Enter the first answer. Click again. Enter again. Once the router was configured, I went back and deliberately entered the password incorrectly three times. Password Recovery appeared, I entered the serial number and the correct answers, and 'voila', it worked!
This is an easy hypothesis to test. Do the Factory Reset. Perform the configuration. But, do not "drop down" and select questions. Then see how Password Recovery works.
the security questions are ones the user selects and inputs the answers. Netgear just gives you a choice of which ones. If you picked one and don't answer it correct, that's on the end user.
except I know the answers to my security questions and they still get marked wrong. even accounting for some brute force attempts that cover basic typos nothing works. So it is not an end user problem when one knows the answers and there is no recovery method if the software itself fails. also why even have security answers that are mandatory? can we not allow the user to have control over whether or not they want to use security questions in the first place?
