Rogers Community

tgilbert · ‎03-03-2022

So, I discovered something today that is pretty concerning. I tried to log into my router today and found that my password did not work. After a number of attempts, I tried "password" and sure enough it worked.

At some point, Rogers installed a new firmware to the Router and reset the password back to factory default. The only reason that I noticed is that port forwards seemed to stop working. When I got it, and reset the password to a secure one, i realized that most of the settings in the router has moved to http://ignitewifi.rogers.com/ which is probably when they made this mistake.

Additionally, my router is not public on the internet using the external id since my DMZ setting had been wiped as well. Probably for the same reason, to make http://ignitewifi.rogers.com/ website work.

I am pretty upset with the depth of incompetence to reset my routers password to the default and giving me no notice, no notifications, nothing. I've been having random internet problems, for all I know random internet trolls have been logging in to my public unsecured modem and been messing around with the settings. Unbelievable. What are you doing, Rogers?

I am here just to complain and let others know. I have no idea when this actually happened, I hadn't needed the port forward to actually work for several months.

Tim

***Added Labels***

tgilbert · ‎03-04-2022

Thank you Tony.

I do need to make a correction, after further research the public facing administrative console that Rogers modem's exposes is *not* actually exposed to the public. So although it is definitely bad practice to reset peoples passwords to "password" during a firmware install, at least they didn't expose me to online script kiddies from attempting to login to directly into my home internet.

You need to find a way to preserve credentials during firmware updates, or you need to notify users that have logged into that console at least once of the change. Having "password" is probably the same as having blank password, so after a firmware update you could simply remove all passwords and allow me to reset rather than having me spend an hour trying to figure it out.

Tim

View solution in original post

RogersTony · ‎03-04-2022

Hello, @tgilbert

Welcome to the Rogers Community Forums and congratulations on your first post.

It's disappointing to hear about your experience with your modem. It sounds like there may have been an firmware update that could have caused some of your settings to change. We recommend using the Ignite WiFi Hub app to change the settings on your modem. Doing so should avoid these type of issues in the future.

Thanks so much for posting your experience in the community.

RogersTony

tgilbert · ‎03-04-2022

Thank you Tony.

I do need to make a correction, after further research the public facing administrative console that Rogers modem's exposes is *not* actually exposed to the public. So although it is definitely bad practice to reset peoples passwords to "password" during a firmware install, at least they didn't expose me to online script kiddies from attempting to login to directly into my home internet.

You need to find a way to preserve credentials during firmware updates, or you need to notify users that have logged into that console at least once of the change. Having "password" is probably the same as having blank password, so after a firmware update you could simply remove all passwords and allow me to reset rather than having me spend an hour trying to figure it out.

Tim

Rogers Community

Ignite WiFi Router password reset

Re: Ignite WiFi Router password reset

Re: Ignite WiFi Router password reset

Re: Ignite WiFi Router password reset