IP Technical question
Paul Barnfather
ukcrypto at chiark.greenend.org.uk
Tue, 27 Jan 2009 17:07:23 +0000
>> Only if they've stolen your password (and perhaps only if they are on
>> the same exchange etc... I'm not sure how wide the reach of these
>> "surprisingly promiscuous" logons is).
>
> They don't need to steal your password. You'll find that most ISPs will
> allow any username and password to connect to any of their circuits. For
> instance, if one of our customers happened to obtain the password of
> someone else, then they could login from their own broadband line.
Fascinating - thank you for the clear explanation. The line at my new
house is indeed with the same provider as the one at my old house.
I always wondered why the ADSL username/password was necessary as I
had assumed that ADSL service was somehow "tied" to the physical line.
It is interesting (and slightly worrying) that someone could
potentially use "my" broadband account from (any?) another phone line,
with the result that any such activity is a) unknown/invisible to me
and b) logged against my account/IP address.
I have no idea how secure the password storage is in consumer modems
but next time I change one I'll try to remember to reset the old one
back to the factory settings...