enoxos

having the same issue but with a different model from Q-see and hence a different reset password. I am trying to disapher the firmware and see if it is possible to change it. If it encoded on the BIOS, then it is a whole another story. Any body with any experience tweaking firmware? lol

Yup. PM sent. looking for the same thing as well. having the same problem

changing the admin password does not solve the problem because there is another reset password that can NOT be reste and only techies know that. sounds like back door access this exactly what it is. I understand that sometimes we forget the admin pass and they can reset it by sending it to the manufacturer, but i believe that the consumer should have the choice to block any access to their DVRs regardless of what password the techies have. Or the reste could also be done by a combination of the hard buttons on the DVR that resets to its default state with a trivial admin pass. I just do not see why is it that the techies have a reset pass that allows them access to the DVR at any time. this is at least troublesome. We all heard stories of leaked videos on youtube lol

changing the admin password does not solve the problem because there is another reset password that can NOT be reste and only techies know that.

why only for CIF recording? what is CIF recording anyway? and how is different than other modes? thanks

There are 3 remote viewing passwords that need to be changed: 1 - admin password 2 - user password 3 - mobile password You indicated that you changed the admin password. What about the others? Also, for an additonal layer of security the ports should be changed from defaults. The defaults are 9000 and 80. When you change the http port (80) you'll need to use the port number with the IP address. For instance, if the DVR has an internal IP address of 192.168.1.200 and you change the port to 83 you'll need to use http://192.168.1.200:83 in a web browser to access the DVR, or 192.168.1.200:83 in the remote viewing software. Same thing goes when accessing the DVR with the WAN IP address (just substitue the WAN IP address for the internal IP address in the above example). Along the same lines, if you change the media port from 9000 to 9003 (for instance) you'll need to specify that port also. Oh, the model is QSDR008RTC (removed the extra 0). Here is the head scratcher: I just gave my techie the Ip only without the port and he got into the system with in 5 seconds. Now, keep in mind that I was NOT using the default port and I had changed the admin password. I had also changed the other passwords as well, user and mobile, prior to talking to the techie. So, I am guessing that the techies with the master-reset password only need the IP address and they search through the ports with a brute force search engine that tries all the ports from 80 to 9000 and it is a guaranteed that they will get into the DVR. this is scary

actually, this does not work. I have changed the admin password at the DVR, but the guy was able to log in regardless. This reset password they have is universal, but I would like to disable it or change it if possible. thanks Hi for them to get into your dvr you would have had to of given them your ip address ................. just change it True, but here is the deal by having a dynamic IP. only the last 2 set of numbers change when your dynamic IP resets every so often. Therefore, there is a small, but yet a chance to get it right by pure guessing. (actually it is 1 in 256*256 = 1 / 65536). If only the last set changes, then it is 1/256, pretty good chances if you ask me. Of course the issue is a privacy one and when you have a system at home, this privacy issue is not to be taken lightly to my opinion.

exactly my thoughts. if the manufacturer or the dealer has a master password (namely the reset password), they can see everything provided they know the ip.

the DVR is from Q-see and the model is QSDR-0008RTC

actually, this does not work. I have changed the admin password at the DVR, but the guy was able to log in regardless. This reset password they have is universal, but I would like to disable it or change it if possible. thanks

hello there, I called my DVR's representatives to find out why my web monitoring viewer was acting up. He asked for my IP which I gave to him and he said he was able to see the video output. After some troubleshooting, we solved the minor problem. Here is the question, how the hell he logged into my DVR and was able to view the cameras? I never gave him the password since he never asked anyway. Apparently, there must be a reset password that they can use to have full control of the DVR. Is there a way to delete this reset password and have my DVR log in only with my password? thank you fellas