Wi-Fi, or wireless network connection, has made it easier to create networks and access the Internet in our homes. It enables wireless music and video streaming, file and printer sharing, and internet access and sharing for laptops, computers, tablets, phones, smart TVs, streaming devices, and more with Wi-Fi support.
LAN cables are no longer needed as the same functionality is now provided by WiFi routers.
Consequences of an unsecured WiFi
However, attackers can gain access to this same wireless feature and use it. They could be professional hackers trying to gain access to your network with malicious intent, or your neighbor trying to access your network for free Internet access to download videos or music.
Attackers can do any of the following:
- connect to your network to access personal data on connected devices.
- use your internet connection to commit malicious acts.
- stream or stream unwanted video or audio to connected devices.
- use your internet resource, resulting in slow and high latency connections.
Obviously, you don’t want any of this to happen. So, here are 5 ways to secure your WiFi connection.
Change the SSID and WiFi access password periodically
SSID is the name of your WiFi connection. WiFi routers are provided with default SSIDs depending on the brand and model. However, some brands and models have known vulnerabilities.
An attacker could use the default SSID to identify the router and then exploit it using known vulnerabilities. But you can mitigate this threat by assigning a unique SSID to hide your router type.
WiFi passwords are closely related to the SSID. For anyone to be able to access the wireless connection of the router, they need to know both the SSID of your router and the corresponding password. Since some routers know the default passwords (and some don’t even have a password at all), assigning a new password will prevent an attacker from unauthorized access.
However, no network is completely secure. Decisive attackers will find ways to obtain your password in a variety of ways. But these methods usually take time, patience, and creativity.
By periodically changing your SSID and Wi-Fi access password, an attacker who may have already obtained your old Wi-Fi password would have to go through the same time-consuming process again to get your new password. In the end, they may lose interest if the time and effort required far exceed the reward received.
Put your WiFi router in a safe and strategic location
Your WiFi router should be located in such a way that its signal is sufficient only to serve all areas of your home, and not outside it. Wi-Fi signals reaching areas outside of your premises, such as the street or neighborhoods, can invite potential attackers to try to access your network.
To control the WiFi signal strength, adjust the transmit power of your router so that it stays within your home.
Also, your WiFi router should be placed in a safe place. Routers have buttons and ports that can allow attackers to bypass any established defenses. For example, the WPS button allows you to access any device connected using WPS after you press the button.
Likewise, some WiFi routers have LAN ports for backward compatibility with wired connections, which are not secured by default. Preventing physical access to the WPS button and LAN ports on your Wi-Fi router can further secure your WiFi.
Change the administrator profile for the WiFi router
All routers have an administrator profile for maintenance. These profiles are usually accompanied by factory usernames and administrator passwords. You need to change them.
Otherwise, an attacker with Wi-Fi access can leave a backdoor that they can use later, even after changing the SSID and Wi-Fi password.
Use the WiFi router’s administrative functions
Some Wi-Fi routers have other features to help with security.
For example, some routers display a list of all devices currently connected to it via MAC address identification. You can manually check connected devices by their specific MAC addresses to determine if an unknown device is connected.
Other routers have a whitelist / blacklist feature. This allows you to specify which devices (based on their MAC addresses) can or cannot access your router.
Another administrative function that you might want to control is the WPS PIN entry function. It allows users to gain access to the router by entering a PIN, not a password, and can be used by intruders to gain access through the back door.
Secure devices connecting to your WiFi router
Devices that connect to your WiFi router usually store the WiFi password on their systems. This could be a problem.
An attacker with physical access to these devices could view these stored passwords. To counter this threat, you need to make sure all of your devices are protected.