Often, when we think about security we tend to think about passwords, unsafe websites and viruses attached to emails. One thing that is often overlooked, however, is the security of our wireless networks themselves.
Although less fashionable than the more publicised threats, nonetheless, securing our routers is a vitally important part of staying safe online – in fact, only last month Virgin advised its customers to change their default router passwords following a Which? investigation.
We might imagine that an unsecured wireless network will result in nothing more than an increased chance that someone might help themselves to some of our bandwidth for free. However, while this in itself can be rather annoying, the potential threats can actually be far more severe.
In fact, if an unscrupulous third party is able to connect to your network they might intercept all of your traffic – stealing your passwords, redirecting your requests to fraudulent sites and changing the contents of your data are just some of the things they might want to do. And, in fact, even if they’re only using your network to get online they might be using that access to do all kinds of illegal things – all in your name.
So, it is vitally important that your wireless router is kept as secure as possible.
Here are some tips for beefing up the security of your WiFi.
1 – Change your router’s admin username and password*
Every router comes with a default, and usually well-known, username and password. So, for example, a particular firm’s routers might all have the username admin and the password password. If these values remain unchanged, a hacker on your network would have pretty easy access to your router’s admin section.
Once in the admin section of the router, a hacker would essentially be in control of your network – with the ability to change passwords or block and allow devices, for example.
So, if you haven’t done so already, go into your router’s settings and change the username and password to something only you know. You can get into your router’s settings by typing its IP address into a web browser. The address will usually be something like http://192.168.0.1, but here are some tips for finding your router’s address (also known as the default gateway) on Windows and Mac.
*Edit (24/07/17)
We should point out that not all routers provide the option of changing the default username. In these circumstances we still very much recommend changing the password.
2 – Change your network name
The service set identifier (SSID) is the name you see when you connect to your network. It is usually based on the type of router you are using.
If you’ve not followed the advice in step 1, then the SSID can be like a red rag to a bull – knowing the type of router you’re using, without changing the default password, would be a little like giving a hacker the keys to your home.
Even if you have changed your username and password though, which you really should, it can also be a good idea to change the SSID to something more personal (just don’t use your name) that masks the type of router you’re using. Like all of these tips, you can carry this out in your router’s admin section.
3 – Check your wireless key settings
First, it is important to check in your router’s settings what type of encryption your router is using. Older forms of encryption like WEP and WPA are vulnerable to attack and so, if you have the option, make sure to choose WPA2 encryption. It might be set to that already, but it is certainly worth checking.
Next, make sure that you change the password (network key) to something strong containing a combination of letters, numbers and symbols. A good method of ensuring a very strong yet memorable password is to think of a memorable phrase, and use that to construct the password.
For example, you might think of the phrase ‘Although I went to school in Manchester, I now live and work in London’. That’s easy enough to remember (especially if it’s true), and by using it to construct a strong yet memorable password you might come up with something like: aIwt5iM,In1awiL!
A quick online check of the strength of that password suggests that it would take approximately 4 million billion years to crack!
A combination of strong encryption and a strong password can help to ensure that only the people you want to are able to connect to your network.
4 – Other things you might want to consider
Updating your router’s firmware to the latest version can help to patch up any security vulnerabilities that have been identified. Notifications of firmware update availability, along with detailed installation instructions can usually be found on the manufacturer’s website.
MAC address (the permanent identifier assigned to any piece of hardware) filtering can be used to only allow certain devices to connect to your network. Again, detailed instructions can be found on the manufacturer’s website and online. This is not a foolproof system, however. By ‘spoofing’ MAC addresses, knowledgeable hackers can fool your network into accepting connections from their devices.
If you only connect to your network via an Ethernet connection, you might want to disable WiFi on your router altogether. In this case, only devices physically connected to the router could connect to your network. This is of course extremely inconvenient if you have wireless devices (which most of us do).
We have a number of guides online for our routers that can help you change your wireless settings:
ZyXel1312 – https://support.zen.co.uk/kb/Knowledgebase/ZyXEL-VMG1312-VMG8924-Wireless-Settings?_ga=2.2232304.1109900991.1500537711-184274480.1459500108
Fritz!Box – https://support.zen.co.uk/kb/Knowledgebase/FritzBox-3490-Wireless-Settings?_ga=2.207703762.1109900991.1500537711-184274480.1459500108
Technicolor TG589vac – https://support.zen.co.uk/kb/Knowledgebase/Technicolor-TG589vac-Wireless-Settings?_ga=2.7473906.1109900991.1500537711-184274480.1459500108