Unknown device logged into the FRITZ!Box
Did you receive an email with the subject line 'New login to your FRITZ!Box' and the following text?
'You receive this email whenever there is a login to your FRITZ!Box from the internet by a FRITZ!Box user who is authorized to change the settings of the FRITZ!Box. These logins may also come from an app that logs in with your FRITZ!Box using the account data of a FRITZ!Box user.'
You received this email because a device with the right to change your FRITZ!Box settings logged into the FRITZ!Box user interface. This login can also come from an app (for example MyFRITZ!App) that has access to the FRITZ!Box.
If you are not aware of this activity or believe that an unauthorized user may have logged into your FRITZ!Box, proceed as described in this guide.
1 Using unique access data
Configure new, unique account information for the FRITZ!Box user who logged into your FRITZ!Box without authorization. If there are other users who are allowed to access the FRITZ!Box, make sure that these users also have unique usernames and passwords:
Note:All logins to your FRITZ!Box are logged under 'System > Event Log > System' in the user interface with the complete username, IP address, and time.
- Click on 'System' in the FRITZ!Box user interface.
- Click on 'FRITZ!Box Users' in the 'System' menu.
- Give the users unique usernames. Do not use usernames that are easy to guess, such as admin, guest, fritzbox, remote, or user.
- Give the users unique passwords that are strong enough. Do not use any passwords that are easy to guess or ones that you already use for other services, such as an email account, Amazon, Facebook, or Google.
Note:You can find information on strong passwords from the German Federal Office for Information Security, for example. A password manager such as Bitwarden or KeePass can help you keep track of things while also generating cryptographically complex passwords.
2 Tips for additional security
Installing the latest FRITZ!OS
- Install the latest FRITZ!OS on the FRITZ!Box.
Using an alternative HTTPS port
- Click on 'Internet' in the FRITZ!Box user interface.
- Click on 'Permit Access' in the 'Internet' menu.
- Click on the 'FRITZ!Box Services' tab.
- In the field 'TCP port for HTTPS', enter an unused port from the range 1024 to 65535 instead of the default port 443. This makes it more difficult for unauthorized persons to determine whether it is even possible to access the FRITZ!Box via HTTPS.
- Click on 'Apply' to save the settings.
Enabling additional confirmation
The FRITZ!Box only executes settings and functions that are particularly important for security after additional confirmation. Additional confirmation could be disabled with older FRITZ!OS versions. If additional confirmation is disabled in your FRITZ!Box, re-enable it:
- Click on 'System' in the FRITZ!Box user interface.
- Click on 'FRITZ!Box Users' in the 'System' menu.
- Click on the 'Additional Confirmation' tab.
- Enable the option 'Additional confirmation of security-relevant changes' if shown.
Setting up secure telephony
To make sure that you are not charged for unauthorized calls to international numbers or premium-rate services, set up call blocks for calls to international numbers and premium-rate numbers:
- Set up call blocks for calls to international numbers and premium-rate numbers in the FRITZ!Box. Alternatively, you can also have your telephony provider block these number ranges.
Disabling services that are no longer needed
- Click on 'Diagnostics' in the FRITZ!Box user interface.
- Click on 'Security' in the 'Diagnostics' menu.
- In the 'FRITZ!Box Services' section, check which services are set up for access from the internet in the FRITZ!Box.
- Disable the services that you no longer need.
Note:MyFRITZ!Net requires the service 'Internet access to the FRITZ!Box (HTTPS)'.
