Most people don’t bother tweaking security settings of their Wi-Fi routers and that’s bad. Really bad.
Today’s hackers are savvy and they know how to take advantage of open and semi-open Wi-Fi networks, and those with default settings.
After all, we lock our doors, install alarms, and even put bars on windows to protect our property, but for one reason or another – we leave our home Wi-Fi insecure. We want to help change that, thus today’s article details a few things you can do to secure your Wi-Fi network. So without further ado, here’s what we’ve got…
1. Set up a new Wi-Fi password
If you have doubts someone has been using your Wi-Fi, the first (and easiest) thing to do is to change the password. Also, some people still have open Wi-Fi networks, which is even worse. In both cases, you should set up a new password, and use one that is hard to guess. This means using a mix of numbers and letters, some of which [letters] should be Capitalized. Also, make sure your password has at least 8 characters and, if possible, at least one special character.
If you’re still not sure what constitutes a strong password, feel free to use one of many web-based random password generators.
2. Change the default settings
Savvy hackers know factory-default settings of many routers, and if they want to get on your network — you should at least make it harder for them to do that.
These default settings apply to passwords, SSIDs (network names) and a few other details. You can tweak names across the board, just make sure NOT to affect the actual functionality of your router.
3. Disable UPnP
Related to the previous point of factory default settings — you may want to disable UPnP, which is enabled out of the box.
UPnP allows external devices to connect automatically and discover other devices on your network. It, however, comes with many vulnerabilities as your router doesn’t question whether connections coming from the UPnP protocol are trustworthy. This way a hacker can use a UPnP connection to (more) easily connect to your network.
With UPnP turned off, you will have to manually configure port forwarding, which is worth the effort because it improves the overall security of your network.
4. Turn off SSID broadcasting
Your Wi-Fi router is constantly broadcasting your network name (SSID). This makes it easier for guests to connect to your network — they could simply ask you for the password and to eventually be added to the MAC address filter list. However, a public SSID also makes it easier for tech-savvy malicious actors to find out there’s a network around them, prompting them to — perhaps — try to break in.
To prevent this from happening, you can turn off SSID broadcasting. It doesn’t mean you won’t be able to connect to your own network any more — you’ll just have to manually enter your Wi-Fi name when looking for the network.
5. Filter MAC addresses
Every Wi-Fi-enabled device has its own unique MAC address. Once connected to the router, you can see MAC addresses of all devices in your home/office. Copy/paste them in some text document so you could include them afterward to the MAC address filter. This way, only devices with those MAC addresses will be able to connect to your network.
But what happens if someone visits your home/office and needs to access your network, you may ask. Simply add their devices’ MAC addresses to the filter and you’re good to go.
6. Disable remote access
Most routers include a web interface that allows users to more easily tweak with various router settings. Accessing this web UI is available from the router’s IP address on a local network, but it is also possible to login to your router from another (remote) location. This feature should be disabled as it paves the way for malicious actors to login to your network and potentially wreak havoc.
You can do that by searching for an option such as “Remote Access,” “Remote Administration,” or “Remote Management” in your router’s web interface. Most routers will have it disabled by default, but it’s worth checking it out, nevertheless.
7. Keep your router’s software up to date
Just like your computer, the router also needs to be updated from time to time. Router manufacturers issue firmware updates to patch security holes that old firmware might present.
The problem is that your router won’t send you a message when a new version of the software has been released — you will have to log in to the router’s web interface and check from there. Then, when you see that a new version is available, you should follow the instructions provided and you’re good to go.
8. Connect your router to a VPN
Last but not the least, if your VPN provider includes support for routers — and the best do — you should take advantage of this. By doing so, you will protect all devices in your home or office that connect to the internet through your router — and that will also include devices that don’t have native clients, such as smart TVs, gaming consoles and streaming boxes.
Bear in mind that not all routers can be made to sing along VPNs and that you will have to manually set up the system. The time spent doing so is well worth the effort. It’s your data that will be protected, after all.