It would take a little extra effort on the part of Linksys and others, but home routers should come out of the box with encryption enabled and the password set as serial number of the unit.
Leaving encryption off and having the admin password as “Linksys” or whatever is just asking to be hacked.
Here is the key passage:
“But that can be accomplished by using a vulnerability in the device’s software or by simply trying the default login password. Only a tiny fraction of users actually change their router’s login settings, says Heffner. “Routers are usually poorly configured and have vulnerabilities,” he says. “So the trick isn’t how to exploit the router. It’s how to get access to it.”
So what is your router’s password? If it’s ‘test123’, maybe you should change it to ‘d13fU??’ or something like that.