Can't secure wireless access point

[Trellot]

Hey everyone,

I've got a relative with a 7-year-old wireless access point and during this time it's been open/unsecured. Granted, nothing unfortunate's happened to their computer, but when I mentioned this to them they now want it secured. The problem is that I can't gain access to the WAP device's configuration page due to a userid/pw that they said had been setup by another relative way back when...and that relative can't recall what he had input. My question: is there some kind of reset button on the WAP device that will erase this data, thus restoring the default userid/pw that came factory installed? I won't be over there for another couple of days, and I hadn't thought of this when I was there! Any suggestions?

Thanks,

Trellot

[C-A_99]

Every wireless router I've came across has had a reset button. You may have to hold it down for 30 seconds or longer for it to actually reset and clear the nvram. (And if that doesn't work, there's the 30-30-30 reset: hold reset button for 90 seconds straight; while holding, unplug power after first 30, wait 30, then plug back in for the last 30.) The 30-30-30 reset should be a guarantee on clearing the settings. From there you can access it with the default username and/or password that may be present.

[computron9000]

fwiw, the little reset button is normally adjacent to where the power cord plugs in.

[UberGerbil]

Keep in mind if it's 7 years old the security isn't going to be particularly secure anyway (just WPA, probably, which is no longer much of a deterrent) and you'll likely have to manually enter the key on all the clients. Though obviously if they haven't been subject to leeching or worse (at least, that they've noticed) in that time, it probably doesn't matter. But whatever security you'll be adding through this exercise will be mostly theater; it may help them sleep better, but it's not going to be keeping real black hats out.

[computron9000]

While I agree with UberGerbil 1000%, it's important to remember that ANY form of encryption will stop 80 year old grandmas from accidentally connecting and eliminate most devious people without a lot of knowledge on security. Often it's not the smart, well-read and experienced black-hat that gets into networks and causes problems, it's just some kid that connected to an unsecured network or uses some program he finds to bust WEP. Especially the less-dense the population is around you. If you live downtown in a big city, WPA2 is REQUIRED imo. If you live out in a quiet lake-town or something, you could probably assume the chances of some ultra-devious black-hat or war-driver is pretty low.

I would not personally bother with WEP (although again, it does stop the common person), but WPA is fine still for a residential network that does their important business over SSL and has nothing to hide. And putting in the code on 2-3 computers only takes a minute or two, even if you update preferred network connection order at the same time.

Obviously a new router w/ WPA2 should be installed in this case. But if they don't want to spend the money, even WEP is way better than unsecured: admittedly, worthless against anyone that WANTS to break in, but does prevent accidental entry (or even intentional, just wanting free WiFi entry).

[Contingency]

There's not really a difference in security between WPA and WPA2.

[computron9000]

You don't think AES/+CCMP matters?

[Contingency]

You don't think AES/+CCMP matters?

As long as it's easier to attack the passphrase than it is to crack the encryption scheme, I don't.

[bdwilcox]

I'd also MAC address filter. This will be invisible to them and will add another layer of protection, especially against leechers both accidental and malicious.