Secure Your Wi-Fi Network From Hackers With These 10 Steps.
Wi-Fi allows all of your devices to connect to the Internet without any physical connection. However, this convenience also comes with a security risk. Unlike physical cables, a wireless Internet connection is easy to hack.
Why is securing a Wi-Fi network important?
Related: 5 Ways to Kick People Out of Your Wi-Fi Network
Before we start?
Note. Each router has its own interface with options located in different areas, so I cannot provide any one-size-fits-all instructions that might work for all routers. While I’ll do my best to give you the correct pointers, they should work for most routers.
Also, in most routers when you make the following changes to your router settings; your router may restart, causing you to lose internet access within a few seconds. So don’t do this if someone in your home is doing important work online.
How to secure your Wi-Fi network
Step 1: Access your router settings
It is not possible to manage Wi-Fi settings from any desktop or mobile software. All the steps we take to secure your Wi-Fi will be done on the your router’s settings page .
So, open your web browser, enter the IP address of your router (usually 192.168.1.1) in the omnibox and press Enter. If you don’t know what your router’s IP address or default gateway is, check out this post about finding your router’s IP address on different platforms.
Now, when you enter the IP address of the router, you will be prompted for a username and password. Here enter the username as “Admin” and the password as “password”. If this password doesn’t work, try entering “admin”, “12345” or possibly the company name of the router. If all else fails, call the router company or the person who set up your network and ask for login credentials. You can also call your ISP if they provided you with a router.
Step 2: Change the encryption to WPA2
The most popular way to hack Wi-Fi is to guess a password from a public database or try a combination of all English characters. Programs such as Aircrack-Ng and Reaver can crack WEP and WPA-PSK passwords in hours.
So, if you’re still stuck with WEP, WPA security, or worst of all, have an open Wi-Fi connection, then the first thing you need to do is turn on WPA2 encryption. Encryption is the only sure way to stop hackers from accessing your router. To enable WPA2 encryption, go to your router’s settings and look for the Wireless Security option. If you find the Wireless option instead, look for the Security option somewhere within it.
Here you should see a drop-down menu next to an option such as Network Authentication or Encryption. Click on it and you should see a list of encryptions you are using, select “WPA2”. And while you are doing that, also consider changing your Wi-Fi password to something that people can’t guess.
For example – I don’t suggest using a password as complex as this ^ 55 [@ 5 (W ^ GR <L = z as your Wi-Fi password, because then it will be difficult for you to explain this password to your friends. But make sure your password is not a dictionary word or something easy to guess like your first and last name (I know people who use this) A good Wi-Fi password looks like this: Fr33Int3rn3t. Just say the password: is free internet , with the letters f and I in uppercase and replacing everything with the number 3.
The security steps we list below should always be used in conjunction with WPA2 encryption, as this is the only way to truly secure your Wi-Fi. The methods below will only make it harder for hackers to access your router, these methods cannot protect you from an attack.
Step 3: Change the default password for the router
Most people stick with the default router password. This is bad practice because if someone is connected to your Wi-Fi (maybe a friend you gave your password to), they can also easily access the router’s settings and change the settings as they wish. In fact, they can even get you out of your own network. Therefore, it is important to change the default username (if allowed) and the router password.
To change the default router password, log into the router’s web interface and look for options to change the administrator password. Usually it is under maintenance or in general settings. Some routers only allow the password to be changed, but not the username, and some routers support different user accounts (such as user, support and administrator, etc.). Don’t forget to change the default password anyway.
Step 4: Use MAC address filtering
The MAC (Media Access Control) address is the permanent name of the device. This is a set of alphanumeric numbers (something like 1A-74-30-16-38-3B) that is unique to each device. Thus, you can use these MAC addresses to tell your router which devices are trusted and which are not.
In the router settings, you can allow only certain devices to connect to your Wi-Fi connection using the MAC address filter function, which further limits the access of unknown devices to your Wi-Fi. You can check the MAC address of your specific device right on its system, or also find it in your router’s DHCP list, given that all Wi-Fi enabled devices are connected to the router at that moment.
Then create a list of MAC addresses for all your devices and enter the MAC Address Filter option in your router’s settings, it should be in the Wireless section. Here, turn on Mac filtering and click Add to add all the MAC addresses of the devices you want to allow to connect. When you’re done, only the added devices will be able to connect to your Wi-Fi.
MAC address filtering is a common practice in large organizations and offices that handle sensitive data. However, keep in mind that the MAC address can be spoofed with a simple app on both your computer and your smartphone. So don’t rely on it 100%.
Step 5: reduce the WiFi range
If your Wi-Fi signal is outside your home, it makes sense to reduce the range of your Wi-Fi signal.
Some high performance routers have the ability to control transmit power. Go to your router’s advanced settings page and find TX Power. The default is 70 (0 means no range and 100 means the highest range), and depending on your requirements, you can set it to around 50. However, the router
However, if your router does not have software control over transmit power, you can do so on the hardware itself. Some suggest removing one antenna to reduce the range of Wi-Fi. While this is very effective, it can cause permanent damage to the router’s transmission card. The best way to reduce signal strength is to place the router in a shoebox or wrap the antennae with foil.
Related: Boost Your Wi-Fi Network With An Old Router
Step 6: Change your default SSID
The SSID is the name of your Wi-Fi network, and by default it is either the model number of the router (like TP-Link WR740N) or some people prefer to have their Wi-Fi name named after their family member (like Ravi Sharma).
Both are bad practice, because if a hacker knows which router model you are using, he can easily look at the router’s online documentation and find some vulnerability. Likewise, if you use a Wi-Fi name that can be used to identify you personally, the hacker will know who you are. Also, since you didn’t bother changing the SSID name, chances are you didn’t change other defaults, making you an easy target for others.
To change your SSID or Wi-Fi name, open your router’s settings page, look for Wireless and then SSID. This is usually next to the change password option on most routers. A good name for Wi-Fi is something common (mine is “Free Internet”). Bonus if you can come up with something creative and fun.
Step 7: Hide the SSID broadcast
By default, your router will constantly broadcast your SSID (or your Wi-Fi name) so you can easily find and connect your devices to it. But did you know that you can also connect to Wi-Fi if you turn off the SSID broadcast.
You can turn off SSID Broadcast so people don’t even know there is a Wi-Fi connection around them when they open Wi-Fi settings on their devices. In your router settings, you will find the option “Disable SSID†or “Hide AP†under “Wirelessâ€, which you can use to disable the SSID.
After disconnecting, you will have to manually enter the SSID on your device when connecting, so remember the SSID before doing this. Be aware that hackers can use the SSID Sniffer tool to easily see the SSID even if it is not broadcasting.
Some advanced routers allow you to create more than one SSID, for example, one for the guest and the other for regular users. So, if you need more security and your router also supports more than one Wi-Fi network name, you can use a bogus SSID to catch the hacker while hiding the actual one. However, only do this if you know what you are doing.
Step 8: Use a VPN
Anyone connected to your Wi-Fi can easily see what other people are viewing on their computer. And if they are good at computers, they might even steal your password while you visit less secure websites using packet capture tools like Wireshark, etc.
So, if you’re in a situation where someone is using your Wi-Fi that you don’t trust, but also can’t ask them not to use your Wi-Fi connection; then you can also use a good VPN to hide your activity. The VPN will encrypt all your activity and no one can see what you are doing. Some banking sites don’t respond well to VPNs though, so keep that in mind.
On the subject: What is a VPN and why should you use one?
Step 9: keep the Wi-Fi router in a safe place
I’m pretty sure most of you don’t know about this. But did you know that most routers have this feature, with which anyone can connect to a Wi-Fi network just by pressing one button on the router and their devices?
This feature is called WPS or Push’n’Connect (I’m sure you’ve heard of it), which is present in most routers today. If you look at the back of the router, you will see a small button (often next to LAN ports or a reset button) that says WPS. Now, some Wi-Fi devices don’t have an interface where you can enter the Wi-Fi password (like Wi-Fi repeaters) and this is where the WPS button comes in handy. Just press the WPS button on both devices at the same time and they will connect. No need to enter Wi-Fi password.
This is usually a handy feature, but if you keep the router out of sight then a hacker can do some social engineering, gain access to your home, and press a button to connect their smartphone to your Wi-Fi network. I know this sounds like a Mr. Robot episode, but why take the risk. Why not hang your router high up on the wall? By the way, it’s also good for network coverage.
Watch the following video on how to connect to * some kind of WiFi network without a password.
Related: Find Out Who Is Stealing Your Wi-Fi Internet
Step 10: last resort
If you are too paranoid, you can completely disable your Wi-Fi connection and start browsing the Internet on your PC using an Ethernet cable. Yes, this isn’t the best Wi-Fi security advice, but it’s a good solution if you don’t want to risk it. The option to disable Wi-Fi should be in the General or General section of the Wireless heading. This will completely disable Wi-Fi and all associated risks, but you will have to connect to the router directly with an Ethernet cable.
Packaging
Encrypting your Wi-Fi with WPA2 encryption is the best way to keep it secure, but you can also follow the other tips listed here to make it even more difficult for hackers to access and break into your router. However, keep in mind that you will also lose some convenience if you follow these safety tips. For example, if you turn on MAC address filtering, you will have to reconfigure your router settings whenever you want to connect a new device to your Wi-Fi.
And if you find that someone is stealing your Wi-Fi, you can either confront them personally (not recommended if they are bigger than you), or it is better to just kick them out of your network with a simple app. See the next video for details.
Are we missing something? How do I secure my Wi-Fi network?
If you know of any other ways to secure Wi-Fi, please share with us in the comments.