AT&T routers, for example, ship like this. There's a wifi network and a wifi password printed onto the device.

But that also means then that often anyone with physical access can easily get into the device. The complicated password provides an additional layer of illusion of security, because people then figure "it's not a default admin password, it should be good". The fundamental problem seems to be "many people are bad at passwords and onboarding flows", and so trying variations on shipping passwords seem to result in mostly the same problems.

▲

some_random 21 hours ago | parent | next [-]

If you have physical access you can just factory reset the device and onboard it with the normal flow though

▲

yannyu 20 hours ago | parent | next [-]

That's fair, though at least resetting would indicate that an attack happened. Default passwords and printed passwords can result in undetected attacks, which are arguably worse.

	▲	some_random 18 hours ago \| parent [-]
		It doesn't change anything in this case though, you can't use the default password against a tp-link device after it's been onboarded.

▲

21 hours ago | parent | prev [-]

[deleted]

▲

mystifyingpoi 21 hours ago | parent | prev | next [-]

Same with Orange branded ones. There is even a QR code that you can scan on your phone - no more typing 16-24 hex characters.

It's hard to decide whether it's good or bad. It is definitely easier. Which I guess matters most in consumer grade routers.

▲

recursive 19 hours ago | parent | prev [-]

I feel seen. Why is the security illusory? I still don't understand the problem with this. Is the concern that someone will break into my house to covertly get access to my wifi password?