Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Security Features

Single Factor Authentication, Continued

Partial Transmission of Passwords/PINs is a step up from the chocolate fire safe - maybe to a hard plastic one. Again, it is very vulnerable to phishing, social engineering of all sorts, and key loggers, which will get the information they want after two or three successful logins. Despite that, it is by far the most used method in online banking today. Effectively, all the data necessary to break the login will become available through attacks on the PC, and instantly available through phishing and social engineering.

Scrabble Pads are a joke! Here, the user looks for the alternative letter that is provided onscreen and enters it in the password box. Unfortunately, all the information required for reverse engineering the password or PIN is on this page. The hacker essentially "has the screen", and the letters that are entered, so where's the security? Take a closer look:

The Current Crop, Continued

My desktop Trojan with key logger and screen scraper says "thank you very much" to this sort of thing. It offers no resistance to phishing at all, as the password or PIN is the basis of the substitution, the 'cipher key' displayed onscreen.

And Virtual Keyboards are not much better...

The Current Crop, Continued

As above, my screen scraper can see every button click, irrespective of the 'cipher' that is passed to the server. This also offers no resistance to phishing at all, because if the user has given up the password/PIN, then the virtual keyboard is irrelevant.

More Stuff

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Is there a way to block all DNS on port 53 except for a specified device? I looked at SkyNET and the Asus WebUI and didn't see anything that really fi...
Asuswrt-Merlin 384.19 beta is now available (except for the RT-AX56U which won't be available for this release, due to outdated GPL code).The main cha...
New site with updated guide After many requests, I made this tutorial for pyload entware version, works on the following routers: RT-AC66U/R, R...
I currently have a wd my cloud but the remote access required me to port trigger to redirect the default ports form 80 and 443 in order for it to work...
New firmware was just released for the GT-AC5300 this morning EST, Aug 4th, 2020. Haven't checked the release notes yet. It's available via the admin ...

Don't Miss These

  • 1
  • 2
  • 3