Sunday, 29 November 2009

PPPoA Password Retrieval on Netgear DG834

I wanted to install a new firewall on my home DSL connection recently, nothing against the Netgear as it works great, but I had a Juniper box that I wanted to try out. The UK uses PPPoA for home DSL connections so you need a username and password to get onto the network.

The DG834 has a web interface for management, Netgear's own FAQ has help with retrieving that password if you've lost it. Once on there, you can get the basic settings which looks as follows:

The password is starred out.

It's hidden using an HTML password field, which is meant to stop someone looking over your shoulder from seeing what password you type. However that is all it aims to protect against, it's then down to the individual web application as to whether it actually strips the password from the source code...and this Netgear doesn't.

You can use your browsers "view source" option (or "this frame" -> "view source") to read the PPPoA login from the HTML code: