I'm copying this to the list because it was sent directly to me... There
are definitely many ways of "encouraging" people to change the password
which could be explored, another example is the WAN interface could be
disabled until the password is set. A few more thoughts on something
like that or the WiFi disable proposed below though:
-Don't just have a feature like WiFi die without an error message
indicating the password must be changed, again bad user experience (and
lots of support requests)
-Make sure that the error is clear BOTH in LuCI and the CLI and provide
instructions for changing the password (e.g. just sending an error to
the console is not sufficient) LuCI already can detect the null password
condition as it prompts the user with a banner to set a password, this
could be adapted to check for a default password and the warn the user
that some features are disabled until the password is changed
-Ben
On 9/9/2015 6:05 PM, Derek & Vicky wrote:
I agree no password is problematic, so is a default password that
never gets changed. So what if the wifi startup script checks the
md5sum of the /etc/shadow file against the sum it created at startup
Or predefined value. This way it won't enable the wifi unless the sum
changes.
Derek
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
