We lock our doors, install alarms, and even put bars on our windows to protect our devices, but we leave our home Wi-Fi insecure. Why? Read on to see how to secure your Wi-Fi, enhance your router’s safety, and protect your home network.
Why you want to secure your Wi-Fi
Piggybacking: Other users connecting to your unsecured Wi-Fi may be on the lower end of the threat spectrum, but it still raises some concerns. In most cases, this results in reduced bandwidth as part of your connection is being stolen. Depending on your service plan, this may also lead to higher costs. In rare cases, someone using your Wi-Fi to perform illegal activities can get you in trouble, as the authorities may identify you as the culprit.
Prevent Wi-Fi-based attacks: Hackers seek out unsecured networks because they're great attack vectors. They can scan your traffic to learn your passwords, perform “man-in-the-middle” attacks, breach your devices or even find your home address.
Secure your router: Depending on the router and the hacker, some unsecured Wi-Fi networks can be exploited to break into your router as well. This gives the hacker even more options. They can turn your router into a part of their botnet to hide their illegal activities, use it for crypto-mining, or passively monitor your traffic even when they're gone.
TQI Managed Services: We do this for you if your business is utilizing TQI’s Managed Services. You can count on this fact for your office. Have you considered, however, what you need to do to secure your home’s Wi-Fi networks?
How to Secure Your Wi-Fi at Home
Set up a new Wi-Fi password.
This is a basic security method that helps to prevent unauthorized access. Having no password or keeping the default factory one is like having a public Wi-Fi – anyone can join in. Change it to a strong password.
Change the default settings for your network.
Many routers come with factory-default passwords, SSIDs (your network name), and other details that hackers can easily find online. Change anything you can that won't affect the actual functionality of your router.
Filter MAC addresses.
You can improve your Wi-Fi security further by filtering the MAC addresses of the devices you want to connect to your network. This makes it difficult for any other device whose MAC address hasn’t been added to the network to connect to it.
Turn off SSID broadcasting.
Your SSID is broadcasted at all times. It makes it easier for new devices to find and connect to your Wi-Fi, but it also makes it equally as easy for hackers to find it too. These signals can be easily scanned and transformed into heat maps that show where a certain network is. These maps are readily available to average users or stalkers, too. However, you can turn off SSID broadcasting to protect your home network.
If you disable SSID, that doesn’t mean that you will no longer be able to find your Wi-Fi. You’ll just have to manually enter your Wi-Fi name when looking for your Wi-Fi network.
Many routers have UPnP enabled by default. UPnP helps external devices connect automatically and discover other devices on your home network. However, it presents many vulnerabilities as your router doesn’t question whether connections coming from the UPnP protocol are trustworthy. This way a hacker can use a UPnP connection to connect to your network.
Without UPnP, you’ll have to manually configure port forwarding. However, this is worth doing because it improves your overall network security.
Log out of your router’s web interface.
Some routers may be vulnerable to cross-site scripting attacks. These are difficult to defend yourself from as they target the websites you visit rather than the router itself. However, if you forget to log out of your router’s web interface, hackers can use it against you, leak your login details and breach your network.
Set encryption on your router.
Did you know that you can encrypt your router? You can do this by going to your router’s security settings and looking for ‘Encryption.’ It’s recommended to use at least WPA2 and nothing less than WEP encryption. Don’t forget a strong password, too.
Disable remote access.
You can configure most routers through a web interface. All you need to do is open your web browser and enter your router’s IP address. You should only be able to do this when connected to your local network. However, some routers do offer remote access, meaning that you can tamper with a router’s settings even if you are on the other side of the world.
If this feature is enabled, it also means that hackers may be able to access your router without credentials, usernames or passwords. To turn it off, open your router’s web interface and look for the ‘Remote Access’, ‘Remote Administration,’ or ‘Remote Management’ feature. Most routers will have it disabled by default, but do check it before you move on!
Make sure that your Windows Firewall is on.
If you are a Windows user, make sure that this built-in security feature is on. It will filter and block potentially harmful programs from communicating with your device and will protect your network. You can check whether it’s on by typing ‘firewall’ in your search bar, opening ‘Windows Defender Firewall,’ and looking for ‘Windows Defender Firewall state’ – it should be on!
Update your router’s interface.
The software that runs on your router – its firmware – isn’t perfect. Like any other software, it goes out of date. Router manufacturers tend to issue firmware updates to patch security holes that old firmware might present. However, the problem is that your router won’t remind you to do this the way your operating system would.
To check whether you need to update your firmware, go to your router’s web interface. Most of them will indicate when your firmware was updated last and whether there’s a new version you can install.
Connect your router to a Virtual Private Network (VPN).
This step will actually secure devices AFTER they connect to your Wi-Fi, not in the local area while they connect. Enabling a VPN on your router can have trade-offs, but it will make every device that connects to your Wi-Fi more secure.