Dumping the admin password of the BT Home Hub

So BT added a new security feature on the latest version of the BT Home Hub firmware (6.2.6.E at time of writing) which changes the default admin password from admin to the serial number of the router. From BT Support and Advice site:

When I first noticed this new feature I thought it was quite cool and definitely a good move from BT. [...]

more | comments | comments rss | posted by

Attacking Password Recovery Facilities

Today, most public websites offer the following 3 functionalities: account login facility (login page), account signup facility (account registration / create new account page) and password recovery facility (forgot password page). This is especially true on e-commerce sites with a large user base. [...]

more | comments | comments rss | posted by