KMAX Changes Its Passwords

IWL's KMAX network emulator is changing the way passwords are handled.

The state of California has enacted a new law that affects the way that initial passwords are established on network attached devices TITLE 1.81.26. Security of Connected Devices

It is a sensible law that will improve the security of devices on the internet.

As a consequence of these new requirements IWL is making a few changes to KMAX.

These changes are in effect for KMAX units constructed after mid November 2018. (Except for KMAX-V, the date for the change on that platform is yet to be established, but it is expected to occur before the end of 2018.)

New KMAX units will be initialized at the factory with passwords that are unique for each unit.

These passwords are for administrative use on KMAX units. Of these, the most commonly used of these are the "kinfo" and "ksetup" logins:

  • "kinfo" will display the configuration of the management and other network interfaces.

  • "ksetup" initiates a command-line script that sets up the basic configuration of the management network interface.

The normal web-based user interface of KMAX remains usable without any password (unless the KMAX is configured to validate users through an external RADIUS server.)

These passwords are randomly generated and composed of a mix of digits and upper and lower case letters. In order to reduce confusion we do not use certain easily conflated characters, such as 'l' and '1'.

On the bottom of each KMAX unit is a label with a QR code block.

On the new units that label shows the passwords for that particular unit.

On older units the label does not show any password information; the original passwords remain in effect.

We suggest that you take a photo of the label and save it.

Did you know that you can scan the QR code on the label with a smart phone? If you do, it will decode into a URL that will lead to a web page that displays the information on the label and, for new units, the passwords. (Note that the QR code box contains a lot of data and it may be beyond the decoding capabilities of some QR code reading Apps. We have found the QR decoding of Google Chrome to be reliable.)

This change affects only new units.

Older units remain operational and unchanged - there is nothing users need to do.

Both old and new units may be updated by users using the normal KMAX update procedures. Updates do not alter the passwords.

Previous
Previous

TLS Finally on the Way Out

Next
Next

Open Source Does Not Equal Better Quality or Greater Security