secure your wireless home network
Did you know that most wireless routers ship without any sort of security enabled? You can still secure your wireless network without any additional software, but you’ll need to get your hands dirty, so to speak.

Manufacturers generally leave network security up to the customer to enable after purchasing and setup. Many either don’t realize this, or they are intimidated by the prospect of setting up a secured network, so they simply go without it.

Unfortunately, network security is becoming a must these days. If you have an open network, the best case scenario is that you may have someone leaching off your Wi-Fi signal. That’s annoying, but not really dangerous (although there are exceptions based on what the signal thief is looking up or downloading).

The bigger issue though, is that an unsecured network could give someone access to your whole system. That that would be bad. Very very bad. Think worst case scenario.

It’s fairly easy to secure your home network, but if no one has ever shown you what to do it can be daunting. Even if the router shows that it is secure out of the box, you’ll still want to set it up. Having a secure home wireless network that uses the default settings can be almost as bad as not having any security.

You won’t get people randomly connecting as they walk by your home network, but leaving your login info as “admin” and “password” isn’t much safer

With that in mind we have three easy tips to help you set up your home network.

Secure your wireless network

secure your wireless home network

NOTE: To change your router’s setting you will first need to access the router setup menu. Most routers will use your Internet browser for the setup menu so go ahead and open up Chrome, Firefox, Safari, Internet Explorer, etc.. In the address bar of your browser you will want to key in the router’s IP address which will probably be 192.168.x.x (x being a manufacturer specified number). Check the user manual (or do a web search for your router) to find the exact IP address needed.

Some routers will also require you to connect your computer to the router using a physical connection, i.e. a cable. Check your router for details.

Change your router’s default username and password. Right out of the box, your router’s username and password will probably be something like “admin” and “password”. Router manufacturers make it something easy so that you won’t have any issues changing it. If you are unsure of your router’s default login info, consult the owner’s manual. If you no longer have your owner’s manual you can generally do a quick search online for details. Once you’ve found the default login, make sure to choose a name and a password that isn’t too simple. Adding in numbers and symbols is always a plus.

Change your router’s SSID. SSID (Service Set Identifier) is the name that you see when you select a wireless network to connect to. A default SSID, like the router brand name, is a dead giveaway that your network has not been configured past the defaults and is most likely fair game to connect to. Most people looking for free wireless keep an eye out for all the standard default SSID’s so don’t let yourself become a victim!

Here are a few funny SSID names to help get you started.

We often browse available Wi-Fi signals like this.There are lots of locked networks in Downtown Portland. Stephouse and Ace Hotel’s are unsecured because they’re for public use.

Enable wireless encryption. This is a feature that is available in every wireless home router made in roughly the last decade. You will probably want to choose “WPA2,” as that is the most secure form of wireless encryption available on most home routers. WPA2 might not work with some older versions of Windows, so keep that in mind if you run into any issues. Basically, encryption works to garble your wireless signal to those who do not have access to your Wi-Fi password.

Be safe and secure

There are a few other things you can do to secure your wireless network, but for the most part, you can secure your wireless network at home by simply creating new login info, changing the SSID, and enabling some wireless encryption. This is going to take care of the vast majority of Wi-Fi freeloaders.

The main goal in wireless security (as with any security) is to deter people from messing with you. Add barbwire to your chain link fence and people are much less likely to climb into your property. That is essentially what the three steps outlined above do.

Share →

6 Responses to Three easy tips to help secure your wireless network

  1. Benjamin Baker says:

    What is your opinion on wifi password complexity? Its easiest to just make one that is easily remembered and shared, and its my understanding that brute force methods can crack almost anything anyway.

    • David Day says:

      Thanks for your question Benjamin!

      In general the more complex a password is the harder it will be to crack. It seems to be difficult for us to separate ourselves from easy to remember phrases and keywords enough to create highly secure passwords. That being said the more characters one adds to the password the more one counteracts his/her inability to produce a truly random password.

      I tend to be fairly lazy about my wireless password because I know that WPA2 encryption (which I use) changes the key that it uses to authenticate the client/access point connection every so often. I should definitely beef up my password because that is more than likely a false sense of security if someone really wanted into my network. I have heard tale that full sentences of medium length make some of the hardest passwords to crack because of their length – these are valuable because it’s much easier to remember a sentence than it is a huge, random sequence of characters.

      Brute force can crack anything given time but if you have a 100 character password that time could be incredible.

      Great question, thanks so much!

  2. Mont Cessna says:

    Great post but no mention of the Reaver attack vulnerability of APs with the 8-digit setup code enabled.

    • David Day says:

      That’s a good point Mont Cessna.

      Actually, I was considering mentioning disabling WPS pins and enabling MAC filtering but to be honest that is a bit beyond the scope of this blog. If someone wants to rain on the parade badly enough they probably will.

      That being said I very much appreciate you bringing this up as it is worth looking into for anyone who is concerned about hardening their WiFi security.

  3. Matt Galazka says:

    Nice article David. This definitely covers the basics to adding security to a home wireless network. There are so many unsecured home wireless networks, any security will likely keep the mischievous folks moving on to the next one. After all, you don’t need to outrun the bear, just the other campers. 😉

    My quick two cents on the WPA2 passphrase question: I’d rather make a somewhat simple, but long, WPA2 passphrase that is easy to remember. Making a 15+ character passphrase (even if it’s simple like “sharing w/ my friends”) will heavily reduce your risk of any kind of brute force attack.

    One additional comment with regard to point #2 in your article — since WPA2 uses the SSID (network name) as the salt for encryption, making the SSID something unique helps protect against pre-calculated offline passphrase attacks.

    Again, nice article, thanks for sharing!

    • David Day says:

      Thanks for the pointers, Matt.

      I too prefer a short sentence to a garbled passphrase because you can typically remember many more characters with less effort and each additional character adds tons of complexity to the brute force push.

      As for the SSID, yes it is an added layer of protection. Furthermore, if you are looking at it from the typical wardriver’s standpoint – every time you see a default SSID you jump for joy!

Leave a Reply

Your email address will not be published. Required fields are marked *