Installing a wireless router appears to be an easy task. Plug it in and connect, however, not so fast… But it is important to secure that wireless network so you can prevent unauthorized users from accessing your data and protect yourself against potential threats. However, far too many users tend to forget about this and open up the vector of attack for potential intruders. Below is a guide that will help you go through the basic steps to secure your wireless router and make sure no one uninvited can snoop on any information passing over your network.
Simple Installation
Installing a wireless router is not hard at all. First, you unplug your cable or DSL modem, power up the wireless router and connect it to said cable/DSL modem using a cord. When the modem comes back on, your wireless network wizard should automatically find the router. Then, if you don’t need to make any special configurations (should not be needed for most Internet Service Providers [ISPs] unless using a static IP), you will see that it is connected and working online in no time.
Yet wireless routers come from the manufacturer with all of these security features disabled for simplicity in setup and configuration. Anyone around can take advantage of your network without you noticing, thanks to this convenience. Unchecked, you’re basically inviting the world into your network and letting them watch what’s up…and that means everything from spying on your stuff to stealing it.
How to Password Protect Your Router Access
One of the very first steps you need to take when securing your wireless router is changing the default login credentials. Routers with default usernames and passwords are sometimes easier to find online than ever.
Check Security Your Router — Open any Web Browser, and type the router’s setup URL in the address bar (You can easily find it in its manual). Common URLs:
- D-Link routers – http://192.168.0.1
- Linksys routers – http://192.168.100
Access below the default username and password. Go to the settings where you can change the password. For instance, in Linksys routers input the username field blank and the password ”admin”. Modify the password on the first login. Choose a secure password that people cannot guess easily. It needs to be the perfect blend of letters, numbers, and symbols.
Change the SSID by Default
The SSID (Service Set Identifier) is the name of your wireless network. The default SSID for a router is typically related to the manufacturer like “Linksys” or “Netgear.” Your network can be identified and specifically targeted with the default SSID.
To change SSID:
- Go to wireless in your admin user interface and enter its settings.
- Scroll down a little and find an SSID field.
- Change this into something NO one else will ever guess! Avoid using names like “Home Network” or “My Wi-Fi” that many people will choose.
Changing the SSID takes one second and means potential intruders will have to sit with a low-level hacking de-authorization/setup that most people don’t go through, along with manually defining your network as an intentional target.
Though renaming the SSID will provide a layer of security, the name of your network is still visible to anyone within range unless you disable SSID broadcast. When you disable SSID broadcast, your network goes invisible to nearly everyone except for those who must know the exact name of it in order to join. This can be used to hide the SSID so even if anyone tries to connect from their phone/laptop, they will not be able to see the network.
To disable SSID broadcast:
In the same wireless settings menu where you changed your SSID, find an option that says something like “Broadcasting my Network name.” Stop that, and your router is now less open than before. DONE! Save the settings and logout from the configuration.
An additional layer of protection is enforced when with no SSID broadcast your network will not be seen automatically in the list of available networks. Any devices that were previously connected to the network will have to be manually re-configured if you want them to connect using the new SSID.
The Use of Encryption: WEP, WPA, and WPA2
Encryption should be chosen to protect the data sent over your network. There are usually some encryption options per wireless network:
- WEP (Wired Equivalent Privacy): An old standard in terms of security. In simple words, it’s basic protection and still easy to crack.
- WPA (Wi-Fi Protected Access): A newer form of security that is considered very secure.
- AES WPA2: Standard best security available – Strong encryption.
Activate encryption:
In your router’s configuration menu, look for the security settings. When you can, use WPA2 where your router supports it, with a good passphrase. Click Save and Sign out. When you turn on encryption, every device that attaches to the network must be restructured with the encryption key.
More Security Measures
While the above steps can be considered the basics to secure your wireless network, further security measures are provided which will make it more secure:
- Regular Channel Change: Routers broadcast their signals through different frequencies (channels). Frequent changes of channel force hackers to reapply, take more time, and require the password/regain access.
- MAC Address Filtering: Every device has its unique MAC (Media Access Control) address. Your router could be configured to only allow these specific MAC addresses and block the rest.
- RADIUS Security: Finally, for anything that needs an extra layer of security — specifically, businesses or users with very sensitive identity data — consider using RADIUS (Remote Authentication Dial-In User Service). This requires a little extra hardware or paying for a more advanced protection service, but it is tough.
Conclusion
Whether you are at home or in the office, protecting your wireless router is an important first step to ensuring no one else can access and potentially steal personal data. The first thing you may do after reading this text is changing the default login and SSID.
By following these steps, now it’s most difficult for anyone to access your network easily. Enhanced security, like RADIUS for better-protected environments, brings some complexity, but safety should not be prejudiced by a little bit of inconvenience.
