How to secure your home Wi-Fi
You might not think of your Wi-Fi router as anything more than an Internet-broadcasting box, but it’s one of the least secure Internet-connected devices in your house. Unless you take certain precautions to secure your home Wi-Fi, these devices—and your personal information—could be vulnerable to hackers.
“Your Wi-Fi router is the heart of the home network,” says Stephen Cobb, senior security researcher at IT security company ESET. “The more devices we connect to it, the more critical a piece of equipment it becomes. People need to realize that these devices can be seen from the Internet by anyone poking around, so it needs to be appropriately configured.”
Users who don’t take precautions to secure their home network risk falling victim to criminals looking to steal information, distribute malware, or launch DNS attacks, Cobb says.
“Newer routers might automate some of these steps, but you should always work through a checklist to make sure these things are taken care of,” Cobb advises. “Don’t assume that just because you have a brand-new router, it’s doing everything properly.”
Here are five steps you can take to secure your home Wi-Fi. Find these settings by logging into your router through its manufacturer’s website.
CHANGE YOUR Wi-Fi PASSWORD AND SSID
Wi-Fi routers come preprogrammed with a password and service set identifier (SSID)—also known as the default name of your router—set by the manufacturer. Default passwords, Cobb says, are often known and shared among hackers. To prevent them from gaining access to your wireless network, change both.
“Your SSID will usually look something like a combination of the router’s make and model, which is easy for people who are poking around to find,” Cobb says. “Some users might rename it ‘Steven’s router,’ which isn’t a good idea. You want to come up with a cryptic name—something that guests might be able to identify, but isn’t immediately obvious to everyone else.”
-
HIDE THE SSID
Your router is likely preprogrammed to automatically pop up its SSID in a list of networks within Wi-Fi range. Cobb recommends turning off this default setting, such that people who want to connect to your router need to know and enter its name each time.
“This might make things a little less convenient for you, but it will also make you a lot more secure,” Cobb says.
-
UPDATE YOUR ROUTER’S FIRMWARE
Firmware is code that lives on a chip in your router and controls its basic functions. New routers often need firmware updates, Cobb says, because they tend to sit in distributor warehouses for months before they’re purchased.
“We’re all familiar with how Mac, Windows, and iOS devices push out updates, but firmware updates are not on that same schedule,” he says. “That’s one big weakness in the home router environment—they rely on consumers to do a periodic check on their own.”
To streamline firmware updates, Cobb recommends registering your device with the manufacturer or checking for updates monthly. When you log into your network router, it will often alert you when new updates are ready to download.
-
TURN OFF AUTODISCOVERY
Routers come preset with certain settings; Cobb recommends disabling their autodiscovery feature. This setting allows others, such as your manufacturer, to access your router’s controls remotely, often to provide technical support, according to the Federal Trade Commission. Keeping this setting turned on could leave you vulnerable to hackers looking to gain access to your home network.
“The bad guys are always looking for new ways to abuse new things, and this is one way they could potentially do that,” Cobb says.
-
RESEARCH YOUR ROUTER
If you’re in the market for a new router—or curious how secure your current one is—do your research, Cobb says. Three things you want to look for: the age of the router, the type of encryption it uses, and whether it’s associated with vulnerabilities or hackings.
“Just because your service provider gave you a ‘new’ router doesn’t mean it’s actually new. It could very well be an older model,” Cobb says. “And in general, you want to consider getting a new one if it’s older than three years. It might still work, but it might not be as secure.”
You also want to check the level of encryption to ensure it uses WPA2, not WEP. The latter is an outdated form of wireless encryption that’s easily broken, Cobb says. This issue is typically associated with legacy routers, as WPA2 is now the industry standard.
Finally, plug your router’s make and model number into a search engine with the words “hack” or “vulnerable” to determine whether it’s associated with any known security issues, Cobb says. Consider upgrading to a new one, if you discover vulnerabilities.