I've just upgraded to the 300Mb/s plan and got the new SuperHub. To my surprise, when I got it and set the password, it's actually shown instead of encrypted like, well, just about every password box on the internet.
Does everyone else have this? According to the info page, I'm on:
I do understand your concerns about this though as the password would only be entered during the confines of the home (as opposed to an Internet cafe for example) the risk of 'over the shoulder' peeping is relatively minimal.
Any Hub improvement suggestions that have been previously presented to the firmware team will most likely be dealt with in future firmware updates.
Thanks for reporting this, I'll make sure it gets flagged up the right persons.
I couldn't believe this when I saw it (IE and Chrome) - yes, shoulder surfing isn't a huge issue in my house but it's the principal of it and if someone doesn't consider security here, it begs the question as to where else will they not consider it.
Virgin's response to this is quite frankly a very lame cop out. The SuperHub 2 password is hidden and it's quite standard protocol to hide passwords on any login screen regardless whether it's being used at home or not - you cannot (and shouldn't) make that assumption anyway. Just admit that the engineers who implemented this haven't got a clue and stop trying to justify it.
I'm sorry, that's a terrible answer. I got my SuperHub 3 installed today and I'm astounded that the password is in clear text when you enter it. Home use or not, that's a terribly bad security practice and as an IT professional I'm horrified at it. I can imagine that it might have cut down on a few support calls from fat-fingered users, but a simple '[ ] reveal password' checkbox would have been much more suitable and provided security by default.
PLEASE change this - You simply need to change the HTML from <input type='text'> to <input type='password'>. It's that simple and there are NO excuses for this lousy practice!
I must admit I was also surprised when I typed in my password especially when you consider this can be made remotely accessible - not that it or any port forwarding works on the hub3 - looks like I'm going back to my 2ac hub that actually works and has better security - ill keep the hub 3 as a dumb router.