It so happened that many are not serious about protecting their home Wi-Fi network and the router itself. In the best case, the Wi-Fi network is protected by some kind of password, and the factory password of the router has been changed. But this is not always the case. Very often, users leave their Wi-Fi network completely open. Out of the kindness of my heart, or just too lazy to install and then enter this password - I don't know. But this is very silly.
I think that many simply do not understand how dangerous it can be to connect other users, or, even worse, attackers to their Wi-Fi network. Let's say we have a home wireless network. Let it be password protected, or completely open. But by hacking, or simply connecting (if the network is not secure), other users have connected to it. These users most likely have no bad intentions. They are not interested in our personal files and have no purpose to harm us in any way. Just connect to someone else's Wi-Fi and use the Internet.
It seems okay, we do not mind. But you need to understand that these foreign devices create a load on our router. He starts to work slowly. Connection speed drops. What if they download / distribute torrents? Or are they playing online games? This is a heavy load on the network and router. It can generally freeze, glitch, etc. But that's half the trouble. If we have a local network configured, access to some files on the computer is open, then everyone who is connected to your router can also access your files. And this is at least unpleasant. Have you changed the administrator password on the router? If not, then these other users have access to the router's settings. And they generally can change / put the password on Wi-Fi. To your Wi-Fi. And you have to reset the router settings and re-configure everything.
But there may be more serious problems. Especially when, due to poor protection of your wireless network, some intruder gains access to it. He, for example, can commit some illegal actions through your connection. For example, post or upload some prohibited files. And most likely you will have to be responsible for this. Also, through the router, you can access your devices and the information that is stored on them.
Of course, any Wi-Fi network can be hacked. And there is no 100% protection. But hardly anyone will spend time and effort to get access to a regular home Wi-Fi network. Unless, of course, you store super-sensitive information and your specific wireless network is not of particular interest to cybercriminals. Therefore, I recommend everyone to at least set a good password on Wi-Fi and on the router itself. But besides this, I have a few more recommendations that will allow you to maximally protect your wireless network and router from other users (in the person of neighbors, intruders, etc.) and hacking.
To change the security settings of the router, you need to go to its web interface. This process (as well as the process of changing other parameters) differs depending on the manufacturer, model, or firmware of the router. Therefore, I give a link to the universal instruction: how to enter the router settings. All the information you need is there.
Set a strong Wi-Fi password
Your Wi-Fi network must be password protected. A good password. No "11111111", "12345678", "qwertyui", etc. Do not be lazy to come up with a strong password, which will contain capital letters, numbers and special characters (~! @ # $% & *). Also, do not be lazy to write down this password, so that later in the comments do not ask: how to find out the password from your Wi-Fi?
Yes, such passwords are not very convenient to enter when connecting devices. But how often do you connect new devices? I think no.
Wireless security settings are more than just a password. You need to select a modern and reliable type of security and encryption for your wireless network in the settings. If you have no desire to watch a separate article on this topic, then I will say that it is better to install WPA2 - Personal with AES encryption.
If you do not know how to set or change the password for Wi-Fi on your router, then see the article on how to protect a Wi-Fi network with a password. If you do not find instructions for your router in the article, then use the site search. If you don't find anything there, then leave your question in the comments. Just write a model. I will try to suggest how and where you can change the password on your device.
Here I also want to add that it is desirable to change the name of the wireless network (SSID). Come up with some original name. This way you will not lose your network among other neighboring networks.
Protect your router settings with a password
This password has nothing to do with Wi-Fi. It is used solely to protect the settings of the router. So that no one except you can enter the web interface of the router and change some settings there. As a rule, a username and password are set (sometimes only a password). On some routers, it is installed by default. Usually admin / admin is used. If the default password is not set, then during the first setup, the router offers to set it. But this can be done at any time in the control panel.
After setting / changing the password, you will need to enter it every time you enter the web interface.
On this topic, I have already prepared a separate article: how to change the password on a router from admin to another. There I showed how to set a password on ASUS, D-Link, TP-Link, ZyXEL routers.
Disable the WPS function
Using WPS, you can quickly connect devices to a wireless network without entering a password. But as practice shows, few people use WPS. You can find many materials where it is written about various security issues with the WPS function. Therefore, to protect the router from hacking, it is better to disable this function.
In addition, I noticed that because of WPS, very often it is not possible to connect some devices to Wi-Fi, or configure the router in bridge mode.
How WPS works and how to disable it, I wrote here: https://help-wifi.com/sovety-po-nastrojke/chto-takoe-wps-na-wi-fi-routere-kak-polzovatsya-funkciej-wps/
Hide your Wi-Fi network from prying eyes
In the Wi-Fi network settings on the router there is such a function as "Hide SSID" (Hide SSID), or "Disable SSID broadcasting". After activating it, the devices will no longer see your Wi-Fi network. And to connect to it, you will need to specify not only the password, but also the name of the network itself (SSID). And this is additional protection.
This setting is usually found in the wireless settings section. You can see, for example, how to make a Wi-Fi network invisible on TP-Link routers. After that, you may need the instruction in which I showed you how to connect to a hidden Wi-Fi network.
Set up MAC filtering
Not sure if every router has this feature, but I think it should. MAC address is a unique address of the Wi-Fi adapter (module). That is, each device has its own. In the settings of the router, you can register the MAC addresses of those devices that can connect to your network (create a whitelist of addresses). If the MAC address of the device is not in the list, it will not connect to the network.
This is probably the most effective router protection. The only inconvenience is that when connecting new devices, you will have to go into the settings of the router and register their MAC addresses.
I talked a little about these settings in the article how to block a device (Wi-Fi client) on a router by MAC address. Only there I created a black list of devices (which are forbidden to connect), and in our case, we need to create a whitelist of MAC addresses of devices (which are allowed to connect).
Additional recommendations
Here are a few more tips to help make your router even more secure.
- Update the router firmware. In new versions of the software, not only some functions or stability of work can be improved, but also security.
- Firewall, Antivirus, Firewall, DoS protection - all or some of these features are present in modern routers. Usually, they are enabled by default. Do not disable them unnecessarily or change the settings.
- Remote access to the router is the control of the router via the Internet. If you are not using this feature, then it is better to disable it.
- Change the Wi-Fi password from time to time.
- Check if there are foreign devices in the list of connected clients on your router. How to see: who is connected to the ASUS router, who is connected to the D-Link router, who is connected to the TP-Link router.
All of these basic settings will help you patch the major security holes in your router and the Wi-Fi network it shares. I think that these recommendations are more than enough for home Wi-Fi networks.
