A new study has revealed that millions of home internet users could be leaving their routers open to cyberattacks simply because they never change the default settings.
The research, carried out by Broadband Genie with technical input from McAfee, found that a large share of households continue to overlook one of the most basic forms of digital protection.
The survey gathered responses from more than 3,200 participants, analysing their habits and awareness of home network security. Although the findings show small improvements since 2024, they paint a picture of widespread complacency around router configuration. Nearly half of all users, around 47 percent, have never adjusted any of their factory settings. For a country with roughly 28 million broadband connections, that amounts to nearly 12.7 million routers still using default options that could be exploited by attackers.
Router settings are often left untouched for years after installation. The study showed that 81 percent of users have not changed their administrator passwords, and 85 percent continue to use the network names set by manufacturers. Almost seven in ten have never replaced their Wi-Fi passwords, and 84 percent have never updated their router’s firmware. While each of these figures has improved slightly from previous years, the overall trend suggests a slow pace of change.
.png)
Many users simply do not understand why router adjustments matter. Nearly three quarters of respondents said they saw no reason to change the default settings, and about a fifth admitted they did not know how to make those changes. This awareness gap is most visible among older participants. More than six in ten of those aged 65 or above said they had never opened their router’s settings, compared with less than a third among 18 to 24-year-olds. Even so, younger groups were far from fully secure.
The lack of attention to router configuration leaves an easy pathway for criminals. Devices that run on factory credentials can be accessed remotely, giving intruders the chance to read network traffic, intercept data or spread malicious software across connected devices. A single compromised router can expose personal files, home surveillance feeds, and even financial transactions. Despite growing awareness of cybersecurity risks, home routers remain one of the least protected points in the network chain.
Experts note that a few small adjustments are often enough to block these threats. Changing the administrator password and Wi-Fi key are the most effective first steps. Renaming the network adds another layer of difficulty for anyone attempting to identify the router model and exploit its known weaknesses. Regular firmware updates, meanwhile, close vulnerabilities that hackers may try to use. Many newer routers now install updates automatically, but older ones still depend on manual checks from users.
The figures collected by Broadband Genie also reflect a slow shift in attitudes. The share of users who changed their router settings rose by five percentage points compared with 2024, but that still leaves millions exposed. Firmware updates, which play a key role in preventing attacks, remain neglected despite years of public awareness campaigns. Most users continue to focus on software or mobile security, rarely considering that the router is their main entry point to the internet.
While users bear responsibility for their own security, the report points out that providers and manufacturers could make the process easier. Many routers are shipped with complex interfaces or generic instructions that discourage engagement. Simplifying these menus and sending clearer reminders could help users apply stronger settings without needing technical knowledge. Security measures could also be prompted during setup, much like operating systems require password creation on first use.
The study underlines how cybersecurity is no longer limited to experts or large companies. Every household network forms part of the wider digital environment, and a weak link in one home can affect others through compromised devices or data leaks. Taking a few minutes to update a router’s settings is not only a matter of personal protection but a contribution to broader online safety.
The 2025 results suggest the consumers are moving in the right direction, but progress remains slow. With more connected devices entering homes each year, the router continues to act as a digital front door. Keeping it secure requires awareness, routine updates, and small habits that, over time, close off easy routes for cybercriminals. For most people, the simplest step, changing a default password, remains the one that could make the biggest difference.
Notes: This post was edited/created using GenAI tools.
Read next: New Study Shows Which Countries Use VPN Most and Least
The research, carried out by Broadband Genie with technical input from McAfee, found that a large share of households continue to overlook one of the most basic forms of digital protection.
The survey gathered responses from more than 3,200 participants, analysing their habits and awareness of home network security. Although the findings show small improvements since 2024, they paint a picture of widespread complacency around router configuration. Nearly half of all users, around 47 percent, have never adjusted any of their factory settings. For a country with roughly 28 million broadband connections, that amounts to nearly 12.7 million routers still using default options that could be exploited by attackers.
Router settings are often left untouched for years after installation. The study showed that 81 percent of users have not changed their administrator passwords, and 85 percent continue to use the network names set by manufacturers. Almost seven in ten have never replaced their Wi-Fi passwords, and 84 percent have never updated their router’s firmware. While each of these figures has improved slightly from previous years, the overall trend suggests a slow pace of change.
.png)
Many users simply do not understand why router adjustments matter. Nearly three quarters of respondents said they saw no reason to change the default settings, and about a fifth admitted they did not know how to make those changes. This awareness gap is most visible among older participants. More than six in ten of those aged 65 or above said they had never opened their router’s settings, compared with less than a third among 18 to 24-year-olds. Even so, younger groups were far from fully secure.
The lack of attention to router configuration leaves an easy pathway for criminals. Devices that run on factory credentials can be accessed remotely, giving intruders the chance to read network traffic, intercept data or spread malicious software across connected devices. A single compromised router can expose personal files, home surveillance feeds, and even financial transactions. Despite growing awareness of cybersecurity risks, home routers remain one of the least protected points in the network chain.
Experts note that a few small adjustments are often enough to block these threats. Changing the administrator password and Wi-Fi key are the most effective first steps. Renaming the network adds another layer of difficulty for anyone attempting to identify the router model and exploit its known weaknesses. Regular firmware updates, meanwhile, close vulnerabilities that hackers may try to use. Many newer routers now install updates automatically, but older ones still depend on manual checks from users.
The figures collected by Broadband Genie also reflect a slow shift in attitudes. The share of users who changed their router settings rose by five percentage points compared with 2024, but that still leaves millions exposed. Firmware updates, which play a key role in preventing attacks, remain neglected despite years of public awareness campaigns. Most users continue to focus on software or mobile security, rarely considering that the router is their main entry point to the internet.
While users bear responsibility for their own security, the report points out that providers and manufacturers could make the process easier. Many routers are shipped with complex interfaces or generic instructions that discourage engagement. Simplifying these menus and sending clearer reminders could help users apply stronger settings without needing technical knowledge. Security measures could also be prompted during setup, much like operating systems require password creation on first use.
The study underlines how cybersecurity is no longer limited to experts or large companies. Every household network forms part of the wider digital environment, and a weak link in one home can affect others through compromised devices or data leaks. Taking a few minutes to update a router’s settings is not only a matter of personal protection but a contribution to broader online safety.
The 2025 results suggest the consumers are moving in the right direction, but progress remains slow. With more connected devices entering homes each year, the router continues to act as a digital front door. Keeping it secure requires awareness, routine updates, and small habits that, over time, close off easy routes for cybercriminals. For most people, the simplest step, changing a default password, remains the one that could make the biggest difference.
Notes: This post was edited/created using GenAI tools.
Read next: New Study Shows Which Countries Use VPN Most and Least
