Wireless networks free you up to use your laptop wherever you want at home, but they can represent a major security risk if you don't set them up properly. Here's some easy but often-neglected ways to enhance the security of your home (or office) Wi-Fi network.
Picture by avlxyz
There's two reasons to protect your Wi-Fi network: security and saving money. Lots of data (including passwords and financial information) passes over your network, and accessing your router could potentially give a malevolently-minded organisation or individual access to that information.
On the financial front, if you leave your Wi-Fi network unsecured, anybody within range can potentially use your Internet connection for their own downloads. That might not seem a big issue if someone just wants to quickly check on email, but if your neighbours are regularly using your connection to download TV shows, you might find yourself going over your monthly broadband download limit and getting slugged with excess fees or a massively slowed connection. Securing your connection largely eliminates that worry.
Most newer wireless routers include some basic security setup, requiring you to create at least a password to access the system. However, there are extra steps you can take for added security.
Time to check the manual
Making virtually all of these changes will require you to use the administrative software (often also referred to as a management console) provided with your wireless router or broadband modem. Because the specifications vary so widely between models, we haven't provided exact step-by-step instructions: for that, you'll need to look at the manual that came with the device. If no printed manual came with the device, check on any accompanying CDs for a PDF version, or look on the manufacturer's web site.
The following principles usually hold:
- Changing settings normally requires you to access the router via your web browser. Instead of a web address, you'll type in an IP address: a number in the form 192.168.1.254.
- You'll need to supply an administrator name and password, which will be provided in the manual.
- Once you're logged in, there's a variety of settings you can change, which we've discussed below. In many instances, you'll need to click on a Save button within the browser to change these, and sometimes you'll need to click on an Apply button after making changes as well. This feature also means you shouldn't panic about accidentally clicking something wrong -- you can always go back to your browser home page, log in and try again.
- If you have trouble accessing the console via your wireless connection, try plugging in a network cable to the router and your PC and accessing it directly.
Once you've logged in, here's some key options to consider.
Make sure you're using proper network security
Fortunately, the era where Wi-Fi routers were set up with absolutely no security has now passed. However, some implementations still use the more basic WEP security model, which isn't particularly secure at all. Enable WPA2 for better protection, and make sure you've chosen a sensible password.
Change the default SSID
The SSID (service set identifier) is the name assigned to your network -- this is what shows up if you bring up a list of available wireless networks. By default, this will usually be either the name of the router itself, or possibly the name of your ISP if you've purchased the equipment through them. You can see both types in the screenshot above.
There are two good reasons to change the name. Firstly, specifying a unique name means you can be sure of which network you're connecting to (in an apartment building, it's not uncommon to see multiple instances of the same router). Secondly and more importantly, it means that any passing hackers can't automatically tell which equipment you're using. That information can be useful when trying to log into a given router, as we'll discuss further below. So find the section in the administrator to change your SSID and alter it to something more useful, though you might want to steer clear of too much identifying detail (such as your surname).
Don't broadcast the SSID
Even after changing the SSID, it's worth considering making your SSID invisible -- meaning that it won't show up on a list of available networks. To connect to it, you'll need to know its name and type it in (though you'll only need to do this once on your home machine). This can be a useful way of protecting your network: if someone is looking to grab bandwidth, they're always going to go with visible networks.
How the options is labelled within your router management console varies. In the sample screenshot, this is 'Hidden SSID'; on other routers, it's often listed as 'Broadcast SSID' and ticked by default.
Change the default passwords
As we've already mentioned, when your router ships, it will have a default administrator username and password set. You should change the password as soon as you can. If you leave the defaults set, then anyone who works out (or finds out) what equipment you have can log into the router and change your settings. Follow our guidelines for picking passwords to come up with something memorable that's hard to guess.
Lifehacker 101 is a weekly feature covering fundamental techniques that Lifehacker constantly refers to, explaining them step-by-step. Hey, we were all newbies once, right?