On the 'Users and access' page, you can set up an administrator password and accounts for other Keenetic router users.
User accounts are required to control access to services and applications installed in the Keenetic.
NOTE: Important! By default, one admin account is preset in the Keenetic router. The account with the reserved username 'admin' cannot be deleted and there is no possibility to change this name. Besides, the 'admin' account cannot be deprived of the right to access the command line interface (TELNET and SSH) and full (Read/Write) access to the settings of the router.
To change the administrator password in the 'User accounts' section, click on its entry.
In the window that appears, enter the new administrator password twice in the fields 'Password' and 'Repeat password'. Then click 'Save'.
NOTE: Important! Remember or save the administrator password. This password is required when connecting to the web configurator of the router and changing settings.
TIP: Note: The list of access rights depends on the router model and the components installed in the KeeneticOS system.
To create a new account, click the 'Create user' button.
In the appeared window 'New user' in the fields 'Password' and 'Repeat password' specify the user's password twice, and below tick the services and applications you want to allow access to. Then click 'Save'.
In this example, a 'user' account has been created.
In addition to user management settings, on the 'Users and access' page you can also change the default TCP ports for connecting to the web configurator and command line interface (CLI) of the router. In the 'HTTP port' and 'TELNET port' fields, you can specify a different port number than the default ones (TCP/80 and TCP/23).
NOTE: Important! After changing the default port for the web configurator, you will need to enter it in your browser along with the IP address: IP_address:port_number
For instance: 192.168.1.1:81
After changing the default port for the command line interface, you will need to use the telnet command: telnet IP_address port_number
For example: telnet 192.168.1.1 223
If you need to allow access to Keenetic control from the Internet, specify the protocol (HTTP and/or TELNET) in the 'Remote access' section.
TIP: Tips: If you are concerned about the security of your router on the Internet, we can recommend the following:
1. Use complex passwords of at least 8 characters long. Generate random passwords. Include numbers and other characters in the password. Avoid using the same password for different sites or purposes.
2. Do not open access to the router's web configurator and command line from the Internet without necessity. With the default (factory) settings, access to the Keenetic's management (its web configurator and command line) from the Internet is blocked. This is implemented for the purpose of device and local network security.
3. Keenetic routers have a password protection function (brute force protection). Be sure to use this feature, do not disable it (by default, this protection is enabled). You can find additional information in the article 'Password broot-force protection for access to the router'.
Usually, the above tips are enough to ensure the security of the router, but you can also do more:
4. Using the Firewall rules, you can allow access to the device only from a certain IP address and only for certain services.
5. When using Internet access to the router from the Internet, you can change the default port number. For example, change the standard port 80 of the web configurator to 280.
6. Create a new user account, set it up with the same access rights as admin and use it exclusively. And for admin, you can remove all access rights except command line access (CLI).