A New Game: Guess the Password(s)
Here is a new game that I call guess the password. Specifically guess the hard code password in an ES&S iVortonics touch screen.
Here are my guesses:
Version 8.x.x.x passwords as found in Florida
Service password = SVC
Test password = TST
Clear password = CLR
EAC password = EAC
Upload firmware password = FWR
Version 9.x.x.x passwords as found in Wisconsin
Service password = SVCSVC
Test password = TSTTST
Clear password = CLRCLR
EAC password = EACEAC
Upload firmware password = FWRFWR
Here is the background:
From page 67 of the SAIT report by Florida State University is the following discussion on iVotronic passwords.
The Service Menu password, Clear and Test password, ECA password, and Upload Firmware password are three-letter case-insensitive passwords. Each one is chosen to be mnemonic and easy to remember. The problem is they are also likely to be fairly easy to guess. They follow a memorable pattern. Someone who knows one of these passwords can probably guess what the other ones are without too much difficulty. These passwords provide very little security.
I speculate that with the new version of the iVotronics (from version 8.x.x to version 9.x.x) ES&S made good on a promise to improve the security of the iVotronic passwords.
The rules of this game are simple:
1)Submit a guess for each of the 4 passwords as a comment to this blog entry
2) The 8.x.x passwords should be 3 characters and 9.x.x characters should be 6 characters.
3) All passwords should be mneumonic so the password is easy to remember.
Here are my guesses:
Version 8.x.x.x passwords as found in Florida
Service password = SVC
Test password = TST
Clear password = CLR
EAC password = EAC
Upload firmware password = FWR
Version 9.x.x.x passwords as found in Wisconsin
Service password = SVCSVC
Test password = TSTTST
Clear password = CLRCLR
EAC password = EACEAC
Upload firmware password = FWRFWR
Here is the background:
From page 67 of the SAIT report by Florida State University is the following discussion on iVotronic passwords.
The Service Menu password, Clear and Test password, ECA password, and Upload Firmware password are three-letter case-insensitive passwords. Each one is chosen to be mnemonic and easy to remember. The problem is they are also likely to be fairly easy to guess. They follow a memorable pattern. Someone who knows one of these passwords can probably guess what the other ones are without too much difficulty. These passwords provide very little security.
I speculate that with the new version of the iVotronics (from version 8.x.x to version 9.x.x) ES&S made good on a promise to improve the security of the iVotronic passwords.
The rules of this game are simple:
1)Submit a guess for each of the 4 passwords as a comment to this blog entry
2) The 8.x.x passwords should be 3 characters and 9.x.x characters should be 6 characters.
3) All passwords should be mneumonic so the password is easy to remember.