Wednesday February 17, 2016

VoIP Phone Users Warned About Risks of Default Settings

While I am sure none of you guys would get caught running ANYTHING with default security settings, we all know people that probably do. Let's make the world a safer place by forwarding this link to the people in our lives that still use default passwords. wink

UK-based security consultant Paul Moore was recently hired to observe the installation of VoIP phones in a company and noticed a worrying practice that is likely present in many homes and organizations آ— the default settings, including default passwords, are not changed after the devices are installed. The problem, as Moore and other experts have pointed out, is that the default configuration is rarely secure. In many cases, the administration interface of VoIP phones can be accessed with a default password, which is usually very weak (e.g. "admin"), or without any sort of authentication.