I haven't bought a consumer router in well over a decade that isn't secure by default. Universally they all prohibit accessing the router via the WAN interface, and have reasonable firewall defaults. Many these days even include a randomized unique password for every router, stuck to the side of the device with a sticker.
These routers were put on the internet on purpose, by people that seem to know what they are doing (universities and businesses), and none seem to have default credentials. Seems reasonable to me.
These routers were put on the internet on purpose, by people that seem to know what they are doing (universities and businesses), and none seem to have default credentials. Seems reasonable to me.