Games consoles, PCs, laptops, smart meters – they’re all connected to your home Wi-Fi router. Given the amount they’ve cost to buy, and the volume of data they store or process, it makes sense to protect your router.
After all, the slightest router security breach can result in lost data, viruses, ransomware, even identity theft. Research by Broadband Genie revealed the shocking truth about router security. Surveying 2,205 people over 18, over half (51%) had failed to carry out the most basic actions to keep their routers secure.
Further, 48% replied that they didn’t know they needed to.
What You Can Do to Secure Your Router
Preventing intrusion from within your wireless network and from external forces is straightforward. No special skills are required, just a level-headed approach to solving the problem and following steps.
By changing the administrator password, updating the firmware (the software that runs the router), disabling the WPS feature, and keeping an eye on what devices are connected to your router, you can create a more secure wireless network.
Change the Admin Password
On the back of your router or in the user manual, you’ll almost certainly find a password for configuring your router. This is the admin password, which you should change as soon as the router is installed because it provides access to crucial settings.
The exact steps required will depend on the router model. A general guide is to open the router’s admin screen on your computer’s web browser (again, using the IP address provided in the manual or printed on the back of the router) and find the change password option. You may also be able to change the administrator account username.
For maximum security, access this address via HTTPS rather than HTTP. If the option isn’t available, check the router settings to see if you can enable it.
Keep the password private. Anyone with that password can change the configuration of your router, impacting your network security.
Update the Router’s Firmware
Once logged into your router with the new password, it is important to update the firmware. Doing this can help to prevent hackers on the internet from accessing your device through a known vulnerability.
Again, the exact steps for doing this will depend on your router model. Check the documentation or browse the menus until you find the option to update the device.
Note that doing this will disconnect all devices from the router while it updates and restarts. As such, the remote connection from your computer will drop.
Disable Remote Router Administration
Certain features can be reset following a firmware update, so it’s worth taking a moment to check for potential issues. Something you should always keep an eye on is remote router administration. If your device features this option (which allows access to a remote user outside of the network) it should be disabled.
Furthermore, see if there is an option to limit admin access to Ethernet connections. For maximum security, enable this. Only a computer physically connected to the router may then access the admin screen.
Change the Router’s SSID (Network Name)
When your router is switched on, it broadcasts its name. This SSID (Service Set Identifier) should be changed as it reveals the model of your router. A potential hacker can use this information to determine any weaknesses and vulnerabilities that might be exploited to gain unauthorised access to your network.
Aim for a router name that is completely anonymous. If possible, disable broadcast of the SSID once all required devices are connected.
Use the Most Secure Encryption Option
Encrypted wireless networking is the most secure option. In your router’s settings, take a moment to ensure that WPA2 encryption is selected. Additionally, set AES if available (rather than TKIP).
With these options set, you’ll enjoy the most secure browsing possible from your router.
Routers without WPA2 but limited to WEP or WPA should be discarded and replaced.
WPS, or Wi-Fi Protected Setup, looks like a handy option to get guests onto your network. After all, it just requires a button to be pressed on the router, or a PIN entered as a passkey.
However, WPS is flawed and should be avoided. It’s safer to disable this feature in your router’s settings than keep it open and allow it to be exploited.
Create a Guest Network for Visitors
Instead of using WPS, take the time to create a second network on your router for visitors to access. In some cases, this can be done manually, but newer routers feature a guest network that can be simply switched on.
Once enabled, a guest network will give visitors access to the internet, but block access to devices connected to the main network. Incidentally, if you have any smart home devices, connecting these to the guest network can protect you from inherent vulnerabilities.
Monitor Devices on Your Network
Finally, it’s vital to be aware of the devices connected to your network. For example, you may find there is an unauthorised user. To check this, you have two options.
The first is to sign in to your router’s admin screen and check the connected devices. However, this can prove time-consuming compared to the alternative, which is to rely on a mobile app. Fing is a free network toolkit available for Android and iPhone/iPad. Once installed and running, it can identify all devices connected to your wireless network.
It’s a quick and easy way to find out which devices are on your network, assess their purpose, and remove them if necessary.