NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

tomschmidt's avatar
tomschmidt
Virtuoso
Dec 27, 2019
Status:
New Idea

Hide SSID password on router home page

Netgear, please DO NOT DISPLAY the WiFi passwords in the clear for the primary and guest networks on the default Basic -> Home page of the http://orbilogin.com web interface. The passwords should not be displayed on this page at all, instead it would be more helpful to display the encryption being used on both the Primary and Guest WiFi networks for this status page. Please correct this security issue! The password can still be shown when uncovered on the WiFi Settings pages if needed, else it should only show *********** to hide the SSID password. There is absolutely NO REASON to display PASSWORDS IN CLEAR TEXT on the home page!

Cable Modems & Routers
Orbi WiFi System
WiFi Routers

9 Comments

  • Shadow_Cipher's avatar
    Shadow_Cipher
    Novice
    Jan 04, 2020

    I totally agree with you on this. I don't even like storing passwords in plain text on Linux systems where that is required. If there was a way around that I wouldn't either. I did not like seeing the passwords in clear text on the landing page of the router though, I know that has to be a security issue.

  • iceblink's avatar
    iceblink
    Aspirant
    Feb 09, 2020
    Totally agree, and I hope Netgear will address this issue even when only a few kudos are given!
  • JayInTech's avatar
    JayInTech
    Tutor
    Apr 17, 2020

    Yes, I agree.  Do not show passwords in plain text ANYWHERE! All the Netgear router control panels do this.  It's insane that Netgear thinks this is ok.  netgear  Obscure the password in router control panels! Let the admin view it by "clicking to unmask".

     

  • arrasmith's avatar
    arrasmith
    Novice
    Oct 05, 2021

    Reported almost 2 years ago.  Should be a simple fix.  PLEASE fix this.  I have a couple friends/neighbors I have convinced to buy the ORBI and when I have to go and show them something, there in plain site is my network password.  I would really appreciate either astericks with the click on eye to view passwords -or- remove the password from the widget and link to the other page that already has the astericks implemented.  Thanks :)  

  • CWafflesTX's avatar
    CWafflesTX
    Aspirant
    Oct 07, 2021

    I completely agree with this.  This should be a VERY easy fix for Netgear.  Any network security person in the world will tell you that you should never have a password in plain text that on a main home screen.  Seriously Netgear, take security a little more seriously.

  • gregorioandador's avatar
    gregorioandador
    Fledgling
    Dec 24, 2021

    Adding my two cents.  Seems pretty serious and should not be shown by default on a home page.  Makes me wonder if Netgear takes security seriously and what else is insecure in the internals of the router.

     

    I would be okay with the "eye" button on the home page with the wireless areas like what is on the "wireless settings" page.  Even then it's much safer to just be able to see the password in one place and that via the "wireless settings" page.

  • FURRYe38's avatar
    FURRYe38
    Guru - Experienced User
    Nov 23, 2024

    The display of clear text is only administrative intended for use with the 1 admin user who manages the routers web page. It is intended to be in the clear so one can have a quick check to see what the password is, while the config page does have it hidden with (*). So something that NG would not change. Again only the admin user would have access and have the need to see this. This is not a security risk. 

    Enjoy.