Forgotten password for the router web interface is a problem faced by one in five users. Without access to the admin panel, it is impossible to change network settings, update firmware, or set up a guest account. Wi-FiFortunately, there are legal ways to restore access, from standard combinations to using backup configurations.
It is important to understand: we are talking specifically about the password for entering the router control panel (usually this is 192.168.1.1 or 192.168.0.1), not about the Wi-Fi network security key. These passwords are often confused, although they are stored and reset differently. In this article, we'll look at methods for popular brands— TP-Link, ASUS, MikroTik, Keenetic and universal solutions.
Let us warn you right away: if the router belongs to the provider (for example, Rostelecom or Beeline), independent intervention may violate the terms of the agreement. In such cases, it's best to contact support.
1. Standard login and password combinations
Most manufacturers install factory credentials by default. They can be found on a sticker on the bottom of the router or in the instructions. Typical options:
- 🔑 Login:
admin, Password:admin(For TP-Link, D-Link, Tenda) - 🔑 Login:
admin, Password: empty (for some models) ASUS) - 🔑 Login:
user, Password:user(rare, but occurs in Zyxel) - 🔑 Login/Password:
root(for firmware OpenWRT or DD-WRT)
If the sticker is erased or lost, check the combinations in the database RouterPasswords (Opens in a new tab). Enter your device model—the system will display all known factory data.
⚠️ Attention: After logging into the admin panel for the first time Be sure to change the default passwordDevices with default settings are vulnerable to attack throughTelnetorSSH.
If the default combinations don't work, move on to the next method. It's possible the previous owner or provider has already changed the password.
2. Reset the router to factory settings
Hard reset — the most reliable method if other methods fail. It will restore the router to its out-of-the-box state, including the factory admin password. Cons: all personal settings (Wi-Fi name, network password, port forwarding) will be lost.
Instructions for most models:
- Find the button on the back of the router.
Reset(sometimes it is recessed into the body). - Take a paper clip or a toothpick and press and hold the button 10-15 seconds.
- Release the button when the indicators start flashing randomly (sign of reset).
- Wait for the reboot (1-2 minutes) and connect to the router via cable.
For devices MikroTik the procedure is different:
System → Reset Configuration → No Default Configuration
After reset, use the standard login details (see section 1).
Save current settings (if available)
Prepare a paper clip or a thin object
Connect the router to power
Have the device's instructions handy-->
⚠️ Attention: On routers with dual firmware (for example, Keenetic) long-term retention Reset (more than 30 seconds) may cause the device to switch to the backup firmware. This is not a reset, but a system reboot!
3. Password recovery via configuration backup
If you have previously saved a backup of your router settings (file with the extension .cfg, .bin or .backup), the admin password can be extracted from it. To do this, you will need a text editor with support HEX encodings (For example, Notepad++ or HxD).
Algorithm of actions:
- Open the backup file in HxD.
- Click
Ctrl+Fand enteradminorpassword. - There may be an encrypted password next to the found line. Copy it.
- Decipher using online services like RouterPwn (For TP-Link) or MikroTik Password Decoder.
For routers ASUS with firmware Asuswrt-Merlin the password is stored in clear text in a file nvram. It can be extracted using the command:
nvram show | grep http_passwd
| Manufacturer | Backup format | Password extraction method |
|---|---|---|
| TP-Link | .bin |
HEX editor + decoder TP-Link |
| ASUS | .cfg |
Team nvram show or text search |
| Keenetic | .conf |
Only through the official Keenetic Recovery |
| MikroTik | .backup |
Utility WinBox with a flag --decode |
Attention: router backups Keenetic They are encrypted by linking them to a serial number. It's impossible to recover the password without the original device.
4. Exploiting firmware vulnerabilities (for advanced users)
Some older router firmwares contain exploits, allowing authentication to be bypassed. For example, the vulnerability CVE-2014-9222 V TP-Link WR740N allowed access through a special URL:
http://192.168.1.1/userRpmNatDebugRpm26525557.htm
This method is not applicable to modern devices, but if your router was manufactured before 2018, you can check the vulnerability databases:
- 🛡️ Exploit Database (search by model)
- 🛡️ CVE Details (by vulnerability number)
Exploits should only be used as a last resort, as they can:
- 🔴 Disrupt the router's operation
- 🔴 Grant access to third parties
- 🔴 Cause the device to be blocked by the provider
⚠️ Attention: Exploiting vulnerabilities in routers connected to the provider's network may be considered a hacking attempt. This violates the user agreement and may result in legal liability.
List of routers with known vulnerabilities
TP-Link WR740N (CVE-2014-9222), D-Link DIR-300 (CVE-2013-2567), ASUS RT-N12 (CVE-2014-9583), Netgear WNR2000 (CVE-2017-6862). Most of the vulnerabilities are patched in current firmware.
5. Connecting via Telnet/SSH (for advanced users)
If remote access is enabled on the router Telnet or SSH, you can try resetting the password through the console. This method works for MikroTik, Ubiquiti and routers with firmware OpenWRT/DD-WRT.
Instructions for MikroTik:
- Connect via WinBox without password (if enabled)
MAC-WinBoxaccess). - Go to
System → Users. - Select a user
adminand reset your password.
For OpenWRT use commands:
ssh root@192.168.1.1
passwd
After entering the new combination, the password will be updated.
On routers ASUS with firmware Merlin You can reset your password through SSH, by completing:
nvram set http_passwd="new_password"nvram commit
reboot
Important: access by Telnet/SSH This feature is usually disabled by default. If you haven't enabled it before, this method won't work.
6. Contact your provider (if the router is theirs)
If the router was issued by the provider (for example, Rostelecom, MTS, Beeline), performing a manual reset may disrupt your network connection settings. In this case:
- Call your provider's support team (the number is usually listed on the router sticker).
- Let me know serial number devices (located on the bottom).
- Ask to reset the admin panel password or send specialists.
Some providers (eg Dom.ru) provide access to your personal account, where you can manage your router settings remotely. Check the "Equipment" or "Wi-Fi" section in your personal account.
If your provider refuses to help, check whether they'll unlock your router after you terminate your contract. Devices often remain locked even after service is disconnected.
⚠️ Attention: Providers may use non-standard firmware with limited functionality, for example, in routers. Rostelecom access to the section is often disabledDNSorPort Forwarding.
7. Alternative methods (for specific cases)
If none of the methods worked, try:
- 🔧 Firmware via TFTP: for routers TP-Link And D-Link You can upload new firmware in emergency mode by holding
Resetwhen turning on the power. - 🔧 JTAG programming: A last resort method for restoring "bricked" (non-functional devices). Requires a soldering iron and a programmer.
- 🔧 Contacting the service center: If the router is under warranty, some centers will reset the password for free.
For devices Ubiquiti (For example, UniFi) the password can be reset through the utility UniFi Controller:
- Install UniFi Controller on PC.
- Connect the router to the network.
- In the controller's web interface, select the device and click
Forgot Password.
Important: Methods like JTAG or SPI flashing require experience. A mistake can permanently damage the router.
FAQ: Frequently Asked Questions
Is it possible to find out the admin password via the Windows command line?
No, the router password is stored in its memory and is not accessible through the OS. However, you can try retrieving it from saved browser sessions (if you previously logged into the admin panel and saved the password). To do this, use a password manager like KeePass or expansion Bitwarden.
I reset my router, but the default password doesn't work. What should I do?
Your ISP may have changed the factory firmware. Try this:
- Connect via cable and check the router's IP address via
ipconfig(Vcmd). - Use
Telnetto connect to192.168.1.1(sometimes it is open even after reset). - Contact your provider's support team and ask them to provide up-to-date login information.
Is it possible to hack the admin password using software?
Theoretically yes, but in practice it is:
- ⏳ This is an extremely time-consuming task (guessing a password can take years).
- 🚫 Illegal if the router is not yours.
- 🔒 Useless for modern devices with brute-force protection.
Programs like Hydra or John the Ripper work only on weak firmware (see section 4 on vulnerabilities).
How to protect your router after access is restored?
After password recovery:
- Change the default
admin/adminfor a complex combination (for example,K7#pL9!vQ2). - Disable remote control (
Remote Management) in the settings. - Update your firmware to the latest version.
- Set up
Firewallto block suspicious connections.
For MikroTik additionally disable WinBox without a password and turn it on MAC-WinBox only for your devices.
What should I do if the router doesn't turn on after a reset?
This is a sign of an unsuccessful reset or corrupted firmware. Try:
- Turn off the power for 30 seconds, then turn it on again.
- Repeat the reset while holding
Reset30–40 seconds. - Use the emergency mode (for example,
TFTPFor TP-Link).
If the router does not respond, contact a service center - the flash memory may need to be re-soldered.