Using Wireless or Wi-Fi networks is something that many people use every day. No matter where you go these days, it seems there are Wi-Fi networks everywhere. From coffee shops, to restaurants, businesses, and even grocery stores, Wi-Fi connections are available to all users; but are these networks all secure enough in order to protect not only the owner of the wireless Network but also the users on it? Below are the top 10 tips we feel everyone should know about and use to improve their home network security.
1. Change the Default Administrator Username and Password:
Most home networks start with an access point such as a router. Fresh out of the box, these pieces of equipment are setup with default usernames and passwords for users to easily access the device to complete setup. These “default” usernames and passwords supply user login information for the life of the device. Many manufacturers use similar or well known usernames and passwords which make it extremely easy for hackers to gain control of your device (router). An example of this would be Netgear, who for years, has used the same default username and password for all of their networking devices, which is also printed right on the back of the device. Changing the username and password is a critical step in improving your home network security.
2. Change the Default SSID:
All routers or access points use a network name in order to tell other devices “this is me!” All manufacturers use a default SSID name which usually corresponds with the brand name. For example, Netgear devices use “Netgear” as their default SSID. By leaving the default SSID, you are not directly causing your network to be unsecure, but hackers see default SSID’s as a clue that the device has not been properly setup and therefore, more likely to be attacked. Changing the SSID name from the default should be a priority when setting up your network.
3. Disable SSID Broadcast:
When SSID’s are broadcasted it allows other Wi-Fi devices the opportunity to see and connect to the network. For hackers, broadcasting your SSID lets them know there is a possible target in the area. By disabling the broadcast, it makes it harder for hackers to find your device to attack. As the old adage goes, “out of sight, out of mind”. Disabling the broadcast feature is highly suggested by many professionals.
4. Always Use a Good Wireless Encryption:
All Wi-Fi access points or routers will support the ability to encrypt your transmissions. This means that all activity sent from your device to the connected router will be scrambled in order to protect the data transfer from hackers who might try to intercept the data. Today, several different encryption methods exist. Listed below are the encryption protocols in order from strongest to weakest:
Most users will want to use WPA2 since it is the strongest but there is a small catch. Not all devices will accept the use of WPA2 and its added protocol features, which means other encryption protocols must be used instead. In today’s world, almost all wireless devices do in fact use or support WPA/WPA2 protocols. On a personal note, using WEP would not be advised. It is one of the weakest and most outdated protocols available but like I always say, “weak security is still better than none”. Regardless, it is highly recommended users pick one of the three encryption protocols and create a good password to compliment it. This leads us straight into the next tip.
5. Always use a Strong Password:
When using encryption on your wireless network, a password will always need to be created. The difficulty then lies on coming up with a password that will be easy to remember but also hard enough so others can’t guess it. This is what separates weak passwords from the strong ones. In so many situations, people will choose to use passwords such as their pet’s name, middle names, or even their home phone number. These are all examples of weak passwords because even though they are easy to recall, they are also easy to crack. The characteristics of a strong password would be as follows:
Always use at least one uppercase letter and one lower case letter, a number, and symbol.Should be a minimum of 8 characters (********)Avoid complete wordsDo not use existing passwords (make sure it is significantly different from your other passwords)
Since strong passwords will be very unique, it may be difficult to remember, so a good practice is to write it down and store it in a location where it can be retrieved when needed in the future. For the sake of this article’s author, DO NOT tape the password to the bottom of the access point or router. By doing so, you have successfully negated the point I am trying to make.
6. Enable Firewall on Each Device, Including Router:
Today’s access points or routers will have a built-in firewall ability, but whether or not the option is enabled is critical. A router’s firewall in essence is just another wall a hacker must climb over in order to access your wireless network. With that being said, it is also highly suggested that firewall software be installed on PC’s or other eligible devices also connected to network. In many situations, the router’s firewall must be disabled to avoid interference with online gaming, in which case, it should be re-enabled after every session.
7. Positioning the Access Point or Router Within the Home:
This tip is not as important as the rest on the list but, nonetheless, is something to consider when setting up your wireless home network. All routers broadcast signal in a proximity fashion. For instance, a router placed in a room not centrally located within the home may cause some areas within the home to not have Wi-Fi. Some manufacturers have tried to correct this problem by making routers with added range or additional devices but all come with an added cost. To possibly avoid this all together, keep your router centrally located within the home to ensure ultimate coverage to most, if not all rooms within the home. This also ensures that signal is not being lost outside the home and being picked up by your neighbors instead.
8. Power Off Access Point When Not in Use:
The most effective way to keep your wireless network protected is it simply shut it down. Now, we are not suggesting every time you aren’t using your wireless network you should shut it off, but if it is not being used for extended periods of time it should be turned off. Going as far as unplugging the device when on vacation or away from the home for an extended period of time is also considered good practice because this also protects your network devices from possible power surges.
9. Use Static IP Addressing Rather Than Dynamic:
The common network setting for many users will have the access point or router using a dynamic IP address system. This is great for wireless network that has a lot of different users connecting and disconnecting from it and is overall easy to setup. Dynamic IP addressing allows a user to connect and automatically gives the device a valid IP address. This unfortunately works to the advantage of hackers as well, making it extremely easy to obtain access to the network. By using Static IP addressing, a router can be setup to accept and allow access to only those devices which are connected by manually entering pre-determined IP addresses. This ideally makes it harder for a hacker to be able to obtain an IP address.
10. Do Not Auto-Connect to Access Open (Unprotected) Networks:
This tip does not directly correlate with the protection of a home wireless network but we felt it was important enough to cover as our last and final tip. Automatically connecting to open or unprotected networks such as the free wireless hotspot at your local coffee shop or your next door neighbors home network make you and your computer vulnerable to security risks. It is important that you setup your computer or other Wi-Fi device to ask for permission to connect to any network (whether your own network or not). Hackers have been known to setup unprotected wireless routers in public areas in order to access computers or other devices who have the automatic connected setting enabled.
Being proactive in securing your home network has never been more important. Not so long ago, hackers chose to attack large businesses and tried to take down entire corporations based upon unknown motivations, but now things have changed. Today’s hackers have changed their targets to small businesses and homeowners where big budget wireless security isn’t an obstacle they will have to endure. If you’ve read this far, by no means was this article created to scare users of the “wireless” world. We are merely trying to provide simple and easy steps to ensure users with a continued, non-interrupted use of wireless technologies.
1. Change the Default Administrator Username and Password:
Most home networks start with an access point such as a router. Fresh out of the box, these pieces of equipment are setup with default usernames and passwords for users to easily access the device to complete setup. These “default” usernames and passwords supply user login information for the life of the device. Many manufacturers use similar or well known usernames and passwords which make it extremely easy for hackers to gain control of your device (router). An example of this would be Netgear, who for years, has used the same default username and password for all of their networking devices, which is also printed right on the back of the device. Changing the username and password is a critical step in improving your home network security.
2. Change the Default SSID:
All routers or access points use a network name in order to tell other devices “this is me!” All manufacturers use a default SSID name which usually corresponds with the brand name. For example, Netgear devices use “Netgear” as their default SSID. By leaving the default SSID, you are not directly causing your network to be unsecure, but hackers see default SSID’s as a clue that the device has not been properly setup and therefore, more likely to be attacked. Changing the SSID name from the default should be a priority when setting up your network.
3. Disable SSID Broadcast:
When SSID’s are broadcasted it allows other Wi-Fi devices the opportunity to see and connect to the network. For hackers, broadcasting your SSID lets them know there is a possible target in the area. By disabling the broadcast, it makes it harder for hackers to find your device to attack. As the old adage goes, “out of sight, out of mind”. Disabling the broadcast feature is highly suggested by many professionals.
4. Always Use a Good Wireless Encryption:
All Wi-Fi access points or routers will support the ability to encrypt your transmissions. This means that all activity sent from your device to the connected router will be scrambled in order to protect the data transfer from hackers who might try to intercept the data. Today, several different encryption methods exist. Listed below are the encryption protocols in order from strongest to weakest:
Most users will want to use WPA2 since it is the strongest but there is a small catch. Not all devices will accept the use of WPA2 and its added protocol features, which means other encryption protocols must be used instead. In today’s world, almost all wireless devices do in fact use or support WPA/WPA2 protocols. On a personal note, using WEP would not be advised. It is one of the weakest and most outdated protocols available but like I always say, “weak security is still better than none”. Regardless, it is highly recommended users pick one of the three encryption protocols and create a good password to compliment it. This leads us straight into the next tip.
5. Always use a Strong Password:
When using encryption on your wireless network, a password will always need to be created. The difficulty then lies on coming up with a password that will be easy to remember but also hard enough so others can’t guess it. This is what separates weak passwords from the strong ones. In so many situations, people will choose to use passwords such as their pet’s name, middle names, or even their home phone number. These are all examples of weak passwords because even though they are easy to recall, they are also easy to crack. The characteristics of a strong password would be as follows:
Always use at least one uppercase letter and one lower case letter, a number, and symbol.Should be a minimum of 8 characters (********)Avoid complete wordsDo not use existing passwords (make sure it is significantly different from your other passwords)
Since strong passwords will be very unique, it may be difficult to remember, so a good practice is to write it down and store it in a location where it can be retrieved when needed in the future. For the sake of this article’s author, DO NOT tape the password to the bottom of the access point or router. By doing so, you have successfully negated the point I am trying to make.
6. Enable Firewall on Each Device, Including Router:
Today’s access points or routers will have a built-in firewall ability, but whether or not the option is enabled is critical. A router’s firewall in essence is just another wall a hacker must climb over in order to access your wireless network. With that being said, it is also highly suggested that firewall software be installed on PC’s or other eligible devices also connected to network. In many situations, the router’s firewall must be disabled to avoid interference with online gaming, in which case, it should be re-enabled after every session.
7. Positioning the Access Point or Router Within the Home:
This tip is not as important as the rest on the list but, nonetheless, is something to consider when setting up your wireless home network. All routers broadcast signal in a proximity fashion. For instance, a router placed in a room not centrally located within the home may cause some areas within the home to not have Wi-Fi. Some manufacturers have tried to correct this problem by making routers with added range or additional devices but all come with an added cost. To possibly avoid this all together, keep your router centrally located within the home to ensure ultimate coverage to most, if not all rooms within the home. This also ensures that signal is not being lost outside the home and being picked up by your neighbors instead.
8. Power Off Access Point When Not in Use:
The most effective way to keep your wireless network protected is it simply shut it down. Now, we are not suggesting every time you aren’t using your wireless network you should shut it off, but if it is not being used for extended periods of time it should be turned off. Going as far as unplugging the device when on vacation or away from the home for an extended period of time is also considered good practice because this also protects your network devices from possible power surges.
9. Use Static IP Addressing Rather Than Dynamic:
The common network setting for many users will have the access point or router using a dynamic IP address system. This is great for wireless network that has a lot of different users connecting and disconnecting from it and is overall easy to setup. Dynamic IP addressing allows a user to connect and automatically gives the device a valid IP address. This unfortunately works to the advantage of hackers as well, making it extremely easy to obtain access to the network. By using Static IP addressing, a router can be setup to accept and allow access to only those devices which are connected by manually entering pre-determined IP addresses. This ideally makes it harder for a hacker to be able to obtain an IP address.
10. Do Not Auto-Connect to Access Open (Unprotected) Networks:
This tip does not directly correlate with the protection of a home wireless network but we felt it was important enough to cover as our last and final tip. Automatically connecting to open or unprotected networks such as the free wireless hotspot at your local coffee shop or your next door neighbors home network make you and your computer vulnerable to security risks. It is important that you setup your computer or other Wi-Fi device to ask for permission to connect to any network (whether your own network or not). Hackers have been known to setup unprotected wireless routers in public areas in order to access computers or other devices who have the automatic connected setting enabled.
Being proactive in securing your home network has never been more important. Not so long ago, hackers chose to attack large businesses and tried to take down entire corporations based upon unknown motivations, but now things have changed. Today’s hackers have changed their targets to small businesses and homeowners where big budget wireless security isn’t an obstacle they will have to endure. If you’ve read this far, by no means was this article created to scare users of the “wireless” world. We are merely trying to provide simple and easy steps to ensure users with a continued, non-interrupted use of wireless technologies.
This post first appeared on The World Best Information Techonlogy, please read the originial post: here
