Jump to content
Tomorrow you will no longer be able to login to the forum using your display name, you will then be required to use your email address to login. This is for security purposes and will take effect on 15th Nov 2024. ×

Enable HTTPS Login page on XR1000


Recommended Posts

As the title says. How do I enable HTTPS login on the XR1000? I am using the most current firmware at the time of this post (hotfix 1.0.0.72_1.0.62). I cannot seem to figure out how to enable it. Please dont say that it cant be done on one of netgears top of the line, flagship products. Its 2024 and I shouldnt have to explain how plaintext logins are bad. But using a program like wireshark, discovering basic auth, unencrypted logins is literally only 2 clicks. One might argue that in a home environment https logins arent "necessary". But, as long as you have wifi capability, you are at risk. So, there needs to be a way to enable it, im just not sure how. Can someone direct me on how to do it?

Link to comment
Share on other sites

@ajack

What are you talking about? If they have access to the network it wouldn't matter if you have https for the login of your router as they would've already bypassed the security at that point...I don't believe there such option as that typically done by the manufacturer. Motorola does the same and this is there explanation which makes sense to an extent. To note there no perfect network even nasa get's hacked so there only so much you can do....

Quote

There is no risk unless your computer is comprised with a virus. As far as through the wifi.. its technically possible? But extremely unlikely. In my opinion,  someone would have to have the knowledge, resources, and be physically at your location when you are accessing the admin page at that moment to grab that information over the air. They would have to break through the WPA2-PSK with AES wireless encryption to even start looking at the information. It's likely not worth the energy, and people of that caliber have better marks for profit. 

 

Link to comment
Share on other sites

5 minutes ago, DARKNESS said:

@ajack

What are you talking about? If they have access to the network it wouldn't matter if you have https for the login of your router as they would've already bypassed the security at that point...I don't believe there such option as that typically done by the manufacturer. Motorola does the same and this is there explanation which makes sense to an extent.

Quote

There is no risk unless your computer is comprised with a virus. As far as through the wifi.. its technically possible? But extremely unlikely. In my opinion,  someone would have to have the knowledge, resources, and be physically at your location when you are accessing the admin page at that moment to grab that information over the air. They would have to break through the WPA2-PSK with AES wireless encryption to even start looking at the information. It's likely not worth the energy, and people of that caliber have better marks for profit. 

 

WPA2 is already broken. It has been broken. That's not what I'm asking. I'm asking why there is no https login page. If you would like to delve deeper into how secure you *think* WPA2 is please review the following: https://www.fortinet.com/blog/business-and-technology/wpa2-has-been-broken-what-now .

And yes, viruses often do target routers and networks as a whole. Ibalso live in an urban environment where thousands of people travel past my home on any given day.  I guess my biggest question is why you think I wouldn't WANT to give my network tjr best chance possible.  Like.. you somehow think that just because you feel like WPA2 is secure (it's not, see above) that someone would need to have physical access to my lan?

 

Again. Why do you care What i do? Do you lock your doors on your home or car? Pretty silly when all someone has to do is break a window, right? Yet nobody's going to advocate leaving your car or home unlocked. Im not even sure why you felt like you had to chime in?

Link to comment
Share on other sites

Just now, Netduma Fraser said:

It's not possible unfortunately. The interface is only able to be accessed locally unless you enable the remote management option so it isn't necessary really like mentioned above.

Thank you, Fraser. That's unfortunate. 

Link to comment
Share on other sites

@ajackJust gave you an answer don't have to be so salty about it when it's straight forward there's WPA3 though that won't save you from hackers at the end of the day if your not smart that is...you can only be so secure enjoy your day buddy.

Link to comment
Share on other sites

You gave an incorrect answer. An outdated answer. And you have the audacity to call me salty? That's crazy. I hope your day gets better than this.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...