FRITZ!Box reports "Login by user [...] failed"
The event log of the FRITZ!Box displays messages about failed access attempts from unknown users with unknown IP addresses at regular intervals:
- "Login of user [...] to the FRITZ!Box user interface from the IP address [...] failed (incorrect password)."
- "Login of user [...] to the FRITZ!Box FTP service from the IP address [...] failed (incorrect username or password)."
- "Login of user admin to the FRITZ!Box user interface from the IP address [...] failed (incorrect password)."
- "Login of user anonymous to the FRITZ!Box FTP service from the IP address [...] failed (incorrect username or password)."
Note: All instructions on configuration and settings given in this guide refer to the latest FRITZ!OS for the FRITZ!Box.
1 Messages do not mean there is a security threat
The FRITZ!Box logs successful as well as failed attempts to log in to the FRITZ!Box using the standard protocols HTTPS and FTP/FTPS.
The failed login attempts are usually automated access attempts from unknown remote sites on the internet, using common usernames and passwords. However, these could also be failed access attempts made by family members or roommates, or access attempts from older FRITZ!App installations with expired login credentials (for example on a child's smartphone).
These login attempts were not successful. The FRITZ!Box or devices in the home network could not be accessed.
Even though reports of abuse from abroad often do not bring any results and it is not always possible to determine the owner of an IP address, it is advisable to report repeated login attempts from unknown IP addresses to the owner of the IP address.
You can use the IP WHOIS Lookup to determine the owner of an IP address, for example. Normally reports of abuse can be submitted to the owner of the IP address by sending an email to abuse@domainname.xyz.
2 Blocking IP addresses
Configure the FRITZ!Box so that it automatically blocks login attempts from IP addresses that have been identified as the source of unauthorized login attempts. Also block the IP address that was used for the unauthorized attempts to log in to your FRITZ!Box.
- Click "Internet" in the FRITZ!Box user interface.
- Click "Filter" in the "Internet" menu.
- Click on the "Lists" tab.
- In the "IP Blocking Lists" section, click on the "edit" link next to the list "Blocked IP addresses".
- Enter the IP addresses from which connections to the FRITZ!Box are to be rejected.
Note: If you want to block several IP addresses, separate the individual addresses with a space or line break. You can enter up to 64 IP addresses.
- Enable the option "Use AVM's Additional IP Block List" to block login attempts from IP addresses that AVM has identified as the source of unauthorized attempts to log in to FRITZ!Boxes.
- Click "Apply" to save the list.
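As an added example (not AVM code): a small Python script that tallies failed-login messages in the wording quoted above and prepares at most 64 addresses for the "Blocked IP addresses" field. It assumes the event log text has been copied out with one message per line; the function names and sample lines are made up for illustration.

```python
import ipaddress
import re
from collections import Counter

# Message wording as quoted in the article; user and IP fill the "[...]" slots.
FAILED = re.compile(
    r"Login of user (?P<user>.*?) to the FRITZ!Box (?P<svc>user interface|FTP service) "
    r"from the IP address\s*(?P<ip>[0-9A-Fa-f:.]+) failed"
)
MAX_ENTRIES = 64  # limit for the "Blocked IP addresses" list stated in the article
# Home-network, loopback and link-local ranges that should never be blocked.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "fc00::/7", "fe80::/10", "::1/128")]

# Constructed sample lines (documentation address ranges, not real log data).
SAMPLE_LOG = """\
Login of user admin to the FRITZ!Box user interface from the IP address 203.0.113.7 failed (incorrect password).
Login of user anonymous to the FRITZ!Box FTP service from the IP address 203.0.113.7 failed (incorrect username or password).
Login of user guest to the FRITZ!Box user interface from the IP address 198.51.100.23 failed (incorrect password).
Login of user anna to the FRITZ!Box user interface from the IP address 192.168.178.20 failed (incorrect password).
Login of user root to the FRITZ!Box user interface from the IP address 999.1.1.1 failed (incorrect password).
"""

def failed_logins(log_text):
    """Yield (user, service, ip) for each failed-login message with a valid IP."""
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m["ip"])
        except ValueError:
            continue  # malformed address: skip rather than guess
        yield m["user"], m["svc"], ip

def blocklist_candidates(log_text, min_failures=1):
    """Return external source IPs, most frequent first, capped at MAX_ENTRIES."""
    counts = Counter()
    for _user, _svc, ip in failed_logins(log_text):
        # Local sources are family members or old app installs, not remote sites.
        if any(ip in net for net in LOCAL_NETS):
            continue
        counts[str(ip)] += 1
    ranked = [ip for ip, n in counts.most_common() if n >= min_failures]
    return ranked[:MAX_ENTRIES]

def as_list_field(ips):
    """Join addresses with line breaks, one of the two separators the field accepts."""
    return "\n".join(ips)
```

A public address can still belong to a household member's mobile connection, so raise `min_failures` or check the usernames from `failed_logins` before blocking an address that appears only once.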
3 Tips for additional security
To make it more difficult for unauthorized persons to access your FRITZ!Box via the internet and to minimize the potential for attack, observe the following security tips and adjust the settings of your FRITZ!Box, if necessary:
Installing the latest FRITZ!OS
- Install the latest FRITZ!OS on the FRITZ!Box.
Disabling services that are no longer needed
- Click "Diagnostics" in the FRITZ!Box user interface.
- Click "Security" in the "Diagnostics" menu.
- In the "FRITZ!Box Services" section, check which services are set up for access from the internet in the FRITZ!Box.
- Disable the services that you no longer need.
Note: MyFRITZ!Net requires the service "Internet access to the FRITZ!Box (HTTPS)".
Using individual account information
- Click "System" in the FRITZ!Box user interface.
- Click "FRITZ!Box Users" in the "System" menu.
- Give all users unique usernames. Do not use usernames that are easy to guess, such as admin, guest, fritzbox, remote, or user.
- Give all users unique passwords that are strong enough. Do not use any passwords that are easy to guess or ones that you already use for other services, such as an email account, Amazon, Facebook, or Google.
Note: You can find information on strong passwords in our guide "Everything you need to know about strong passwords", for example. A password manager like Bitwarden or KeePass can help you keep track of things while also generating cryptographically complex passwords.
Using an alternative HTTPS port
- Click "Internet" in the FRITZ!Box user interface.
- Click "Permit Access" in the "Internet" menu.
- Click on the "FRITZ!Box Services" tab.
- In the field "TCP port for HTTPS", enter an unused port from the range 1024 to 65535 instead of the default port 443. This makes it more difficult for unauthorized persons to determine whether it is even possible to access the FRITZ!Box via HTTPS.
- Click "Apply" to save the settings.
Using an alternative FTP/FTPS port
- Click "Internet" in the FRITZ!Box user interface.
- Click "Permit Access" in the "Internet" menu.
- Click on the "FRITZ!Box Services" tab.
- If internet access to your storage media via FTP/FTPS is enabled, enter an unused port from the range 1024 to 65535 in the field "TCP Port for FTP/FTPS" instead of the default port 21. This makes it more difficult for unauthorized persons to determine whether it is even possible to access the FRITZ!Box via FTP/FTPS.
- Click "Apply" to save the settings.
Setting up push service for logins to the FRITZ!Box
- Set up the "Change Notice" push service.
- Click the (Edit) button for the "Change Notice" push service.
- Enable the option "Inform about logins to the user interface".
- Click "Apply" to save the settings.