cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Community Champion

D-Link Settles on Hardcoding Credentials

Router and webcam maker D-Link has agreed to implement a new security program to settle charges dating back to 2017 that it failed to safeguard its hardware against well-known and preventable hacks and misrepresented its existing security regimen.

 

Specific shortcomings cited by the FTC included:

 

  • hard-coded login credentials on its D-Link camera software that used easily guessed passwords
  • storing mobile app login credentials in human-readable text on a user’s mobile device
  • expressly or implicitly describing its hardware as being secure from unauthorized access

and

  • repeatedly failing to take reasonable testing and remediation measures to protect hardware from well-known and easily preventable software security flaws