Hello,
So I've had this issue for a while. It's not a big security issue but it does bother me. Basically I am unable to log out of my Dark Knight completely. I'll give example to repeat, and explain more:
1) log in to router, make change, etc
2) log out of router
3) close browser tab
4) open new browser tab, and direct to router IP address
5) do whatever you like, without being tested for password again!
RMerlin told me via Email some time ago that I had to log out for 60 seconds, however it seems to make no difference. I can log out for days, close all tabs or just one. The only time this is not true is if I reboot the PC.
I'm on Ubuntu 13.04 (same happend on 12.10) and use Chrome browser. I see the same issue from My Android tablet as well. Chrome does not save my passwords, I dismiss the question each time.
Limitations are:
If I reboot the PC I am prompted to log in again.
If I attempt to login from another device, then all works properly. I'm asked to log out of current session, and if it is inactive (closed) or I've logged out, I can then log in from another location. Finally at that point I will have to login from the PC again as expected. This does not fix the issue that if one logs out from the current device then goes back to it that they are not tested again.
I've seen this issue on .270 builds, .354 and the latest .370. Today I spent 30 minutes telling the Asus Technical support of this issue just to be told to RMA it.
I'm confident that this problem existed before I ever did anything to the Router, but I have installed DD-WRT, Merlin and eventually came back to the stock builds. The DD-WRT builds did not have this issue, the Merlin and Asus ones do.
I realize that this is a small issue, however it does mean that if someone can obtain control of my PC, be it remotely or in person, that they can do anything they like to my router settings. My concern is in the former that someone who could gain remote access could then fully disable the firewall.
I would love to know if it is just me or if others experience this same issue. I've used Netgears and Linksys in the past and always immediately after clicking Logout am challenged to log in again. Most of those have in-activity timers as well.
So I've had this issue for a while. It's not a big security issue but it does bother me. Basically I am unable to log out of my Dark Knight completely. I'll give example to repeat, and explain more:
1) log in to router, make change, etc
2) log out of router
3) close browser tab
4) open new browser tab, and direct to router IP address
5) do whatever you like, without being tested for password again!
RMerlin told me via Email some time ago that I had to log out for 60 seconds, however it seems to make no difference. I can log out for days, close all tabs or just one. The only time this is not true is if I reboot the PC.
I'm on Ubuntu 13.04 (same happend on 12.10) and use Chrome browser. I see the same issue from My Android tablet as well. Chrome does not save my passwords, I dismiss the question each time.
Limitations are:
If I reboot the PC I am prompted to log in again.
If I attempt to login from another device, then all works properly. I'm asked to log out of current session, and if it is inactive (closed) or I've logged out, I can then log in from another location. Finally at that point I will have to login from the PC again as expected. This does not fix the issue that if one logs out from the current device then goes back to it that they are not tested again.
I've seen this issue on .270 builds, .354 and the latest .370. Today I spent 30 minutes telling the Asus Technical support of this issue just to be told to RMA it.
I'm confident that this problem existed before I ever did anything to the Router, but I have installed DD-WRT, Merlin and eventually came back to the stock builds. The DD-WRT builds did not have this issue, the Merlin and Asus ones do.
I realize that this is a small issue, however it does mean that if someone can obtain control of my PC, be it remotely or in person, that they can do anything they like to my router settings. My concern is in the former that someone who could gain remote access could then fully disable the firewall.
I would love to know if it is just me or if others experience this same issue. I've used Netgears and Linksys in the past and always immediately after clicking Logout am challenged to log in again. Most of those have in-activity timers as well.
