Can you secure the remote access router password for me?
Yes, please!
Of course, having a secure password on your network devices is definitely among IT good practices, but how many customers actually integrated IT security in their OT workflows?
There are many OT systems installed out there, in infrastructure projects, at factories, in buildings control cabinets, sometimes for years already, with still the default manufacturers password.
Remote access routers and IoT gateways are no exceptions. Because their manufacturer knows that users struggle with remembering passwords, they picked something simple for the default one, like admin/admin or even simpler. That actually leaves the work, to secure the router, to the one who installs the router: the machine builder, the system integrator. Up to them then, to change the password… or not, as reality shows in the field.
At MB connect line, we believe that, as manufacturers and suppliers for the industry, we should take care of that. We have the knowledge of IT security and we have the experience of OT workflows, it is thus just normal that we should supply a solution that is decently secure and that helps our users to install & operate our systems with security built in.
Therefor all MB connect line routers, mbNET.rokey, mbNET and mbNET.mini, leave the factory with a unique and complex default password.
This way, if someone knows the default password of one router, it is of no help to access another. Of course, authorized users can change passwords to meet their own procedures.
It is not only a recommendation of security agencies worldwide, this time it is also a legal obligation in some countries. The state of California, with Senate Bill 327, made it compulsory, for all IoT device to either be delivered with a unique default password or to impose the user to set a password at first use… from January 2020 already.