Since Chrome 77 release, Netgear router users reported Chrome is redirecting them to password recovery page or giving 401 unauthorized error when they try to login to admin panel at 192.168.1.1. page, Chromium team is aware of this and pushed a fix, meanwhile, if you’re affected, follow the workaround given in this article.
What happened?
There are multiple reports from users on Netgear forum claiming when they visit router login page 192.168.1.1, it is giving 401 unauthorized error or taking them to the password reset page. Affected users confirm latest Chrome has this issue and they can able to successfully log in to Netgear admin panel in Firefox, Edge and on the older version of Chrome, but not on Chrome 77.
The thing is Google is aware of this in Chrome 77 beta itself, they fixed it then but accidentally re-enabled the issue in Stable.
Back in August, Chromium employee reported on the” NetgearĀ Router Admin login redirects to password recovery” bug page that ” We have two high-quality reports from beta users that state when logging into the admin panel for Netgear router, Chrome is immediately redirected to the password recovery page. Both users indicate that issue is specific to Chrome M77, does not happen in M76, and does not happen on other browsers.”
Chromium team narrowed down the root cause from the reports and found their work on HTTP Auth and interstitials has regressed the issue and confirmed ,it can be solved by disabling “HTTP auth committed interstitials”.
They did disabled the feature by a commit, but relanded it mistakenly which activated the feature and now broke not only login pages of Netgear, but also of Vodafone routers also.
A few hours back, Chromium team has landed finch config to kill this, the issue could’ve been already fixed for you, doing a browser restart and visiting 192.168.1.1 will confirm that for you, if not, follow the below steps.
1. Launch Chrome
2. Visit chrome://flags/#http-auth-committed-interstitials and select “Disabled” and restart the browser.
FYI, the issue can be reproduced on this page if you turn on “Enable committed interests for HTTP Auth” in chrome;//flags page, where you’ll see “unauthorized access” error behind the login prompt and error doesn’t appear when you disable the flag.
All this happened due to Chrome showing “committed error pages instead of transient navigation entries for HTTP auth interstitial pages.