Dahua And Hikvision Master Password Backdoor

Hello community.

What is your opinion about the possibility of local (Dahua) and remote (Hikvision) admin login without knowing the exact password of a user with admin privileges? It is possible to generate a password knowing only the present date and just log in.

The basic reason for leaving such a possibility was to help users who forgot their password. More or less 2 years ago Dahua had another way to do so, more hardware-like (turn off the power, take out the battery, connect the contacts and so on). Today you just need to calculate something like this:
8888 x day x month x year (last two digits)
and use the last 6 digits of this number as the password of the 888888 user (it has admin privileges). Today it is: 8888 x 27 x 11 x 14 = 36956304 -> password: 956304. I have just checked it - it works fine.

I do not use Hikvision very often so I cannot check now, but as far as I know it works exactly the same. Even more - you can use it remotely. More info here.

What is your opinion? Is it a good way? What mechanisms should be available to help user when he forgets the password?

Best regards,
Marian Maroszek
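The date formula described in the post above, turned into a small detection helper. This is an added example and is not code from the post's author or from Dahua. It assumes two things the post does not state: that a product shorter than six digits is zero-padded (the post only says "last 6 digits"), and that a defender scanning authentication logs should also accept the neighbouring days' values to cover clock skew and timezone differences. The login attempts at the bottom are constructed sample data, not real logs.

```python
from datetime import date, timedelta


def dahua_date_password(d: date) -> str:
    """Password for the built-in 888888 account as described in the post:
    8888 * day * month * (two-digit year), keeping the last six digits."""
    yy = d.year % 100
    product = 8888 * d.day * d.month * yy
    # Assumption (not stated in the post): zero-pad if the product has
    # fewer than six digits, e.g. years 00-11 with small day/month values.
    return str(product)[-6:].zfill(6)


def is_date_derived_password(candidate: str, observed: date, skew_days: int = 1) -> bool:
    """Detection check: does a password seen in a login attempt equal the
    date-formula value for the observed day or a day within +/- skew_days?
    The skew window is an assumption to tolerate wrong device clocks and
    timezone differences between the attacker and the device."""
    for delta in range(-skew_days, skew_days + 1):
        if candidate == dahua_date_password(observed + timedelta(days=delta)):
            return True
    return False


# Constructed sample of login attempts (not real data): (date, username, password)
SAMPLE_ATTEMPTS = [
    (date(2014, 11, 27), "888888", "956304"),   # exact value for that day (post's example)
    (date(2014, 11, 27), "888888", "admin123"),  # ordinary failed guess
    (date(2014, 11, 27), "admin", "956304"),     # right value, but not the 888888 account
    (date(2014, 11, 28), "888888", "956304"),    # previous day's value, e.g. clock skew
]


def flag_backdoor_attempts(attempts, skew_days: int = 1):
    """Return the attempts that target the 888888 account with a
    date-derived password (within the skew window)."""
    return [
        (d, user, pw)
        for d, user, pw in attempts
        if user == "888888" and is_date_derived_password(pw, d, skew_days)
    ]


if __name__ == "__main__":
    print(dahua_date_password(date(2014, 11, 27)))
    for hit in flag_backdoor_attempts(SAMPLE_ATTEMPTS):
        print("date-derived 888888 login:", hit)
```

The same helper can be run over the password field of a honeypot or device audit log; with `skew_days=0` only the exact day's value is matched, which is stricter but misses attempts made with a skewed clock.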