I had my Pentair Screenlogic system set up last summer when I had my pool remodeled. The pool builder demonstrated the remote connect capability through the app, which is pretty cool, but the default password of "1234" is incredibly insecure for something accessible from the World Wide Web. As an IT guy, my first thought was "I need to change this password ASAP."
Essentially, if you allow Internet access for the remote connect on your ScreenLogic, and haven't changed that default password, anyone, anywhere, can log in and fiddle with your pumps, chlorinators, lights, schedules, heater set temperatures, feature circuits, etc.
In my opinion, it's made even worse by the 6-digit hexadecimal names assigned to each Screenlogic Device Modified by TFP Mod. Default passwords are a massive security issue on any device, but especially things connected to the internet.
Please, change your default passwords. Not just on your ScreenLogic devices, but on anything connected to the internet! Or better yet, if you don't need to connect to your pool remotely through the app, limit its access to the internet through your router.
And lastly, if I connected to your pool, I'm sorry (though as far as I can tell there's no logging, so you'd probably never know anyway).
I know this has been posted before, years ago, but thought another friendly reminder might help someone out!
Essentially, if you allow Internet access for the remote connect on your ScreenLogic, and haven't changed that default password, anyone, anywhere, can log in and fiddle with your pumps, chlorinators, lights, schedules, heater set temperatures, feature circuits, etc.
In my opinion, it's made even worse by the 6-digit hexadecimal names assigned to each Screenlogic Device Modified by TFP Mod. Default passwords are a massive security issue on any device, but especially things connected to the internet.
Please, change your default passwords. Not just on your ScreenLogic devices, but on anything connected to the internet! Or better yet, if you don't need to connect to your pool remotely through the app, limit its access to the internet through your router.
And lastly, if I connected to your pool, I'm sorry (though as far as I can tell there's no logging, so you'd probably never know anyway).
I know this has been posted before, years ago, but thought another friendly reminder might help someone out!
Last edited by a moderator: