Have you been wondering how to secure the wireless network at your home or office? Were you even aware that every wireless network needs to be secured? An air-tight network is not hard to achieve - simply follow our seven recommendations below and you will be well on your way!
Even if you do nothing else, enabling wireless encryption is a must-do measure. This will prevent uninvited guests from eavesdropping on your network traffic, which is typically the first step towards breaking into a network. In your router's administrative interface, look for the WPA2-PSK setting.
For the same reasons, a network without an access password - an open network - allows anyone within range to use your network for their own purposes, and potentially to also hack into the other devices on your network. This is begging for trouble.
The network access password should be updated regularly on all your active WiFi devices.
An SSID is the name given to a wireless network. By default, it is broadcast far and wide so that any device can find and connect to your network. Many home WiFi routers come pre-configured with a default SSID, e.g. "Motorola", or "NETGEAR". If left unchanged, this immediately gives the bad guys a huge hint about which attacks have a better chance of success. It also suggests that the network could still be in its default factory configuration, thus attracting unwanted attention.
Recommendation: Change your network SSID so that it says nothing about you or your network, e.g. a randomly selected word from the dictionary.
This is another example of a feature that trades away security for a small amount of convenience. Guests are typically people that you trust to a certain extent, but a guest network can be used by anyone within range of your router - see item #1 above. It is effectively an open network. Turn it off! Instead, when you do have a guest at your house, give them the regular password.
Don't forget - you can always change your Wi-Fi password later if you wish.
Anyone who can logon to your WiFi router as the administrator has complete control over your network. You should only extend this privilege to people you trust, no one else. Your admin username and password should be carefully guarded.
WiFi devices come from the factory with a preset admin username and password, for example simply "admin" and "password". These default passwords are well known and widely published - see here and here.
You need this username and password when setting up your WiFi network for the first time.
Recommendation: Change your admin username and password immediately after setting up your WiFi router, and at regular intervals afterwards. Standard security guidelines apply here - choose a password that is not short, not guessable, and not a dictionary word. And don't write it down anywhere!
This goes hand in hand with the previous recommendation to secure your admin username and password. The same reasons apply - anyone who can access your WiFi router as an administrator can do whatever they choose to your network. Sad face!
The WiFi admin interface should only be accessible from inside your network. Remote or cloud admin features disregard this rule by making it possible to administer your router from anywhere in the world. This naturally means that anyone - especially the bad guys - can try to logon remotely. Expect to see brute force attacks on your password, or exploit attacks that break or bypass the admin logon screen. This is Not Good.
Recommendation: Turn off the feature. The convenience that it offers is simply not worth the risk.
Wi-Fi Protected Setup is a feature that allows a device to be connected to your network with a single push of a button, without the need for a password. Unfortunately the feature has been found to be vulnerable to various attack techniques that result in it being an all-round bad idea. In your router's administrative interface, look for the WPS setting, and then turn it off!
Security holes are discovered in WiFi devices all the time, in the same way as a traditional computer system. If a router manufacturer is responsible and caring about its customers, it will release patched and updated versions of its product firmware from time to time.
You should check for such updates regularly, and, if one is available, it should be installed ASAP. This may involve running the router's auto-update function, or possibly downloading and installing the firmware file from the manufacturer's web site.