Here's Your Wireless Network Security Checklist
A concerned reader asks: 'I have a wireless router, with several computers and other gadgets in my home connected to wifi, but I'm worried about the security of the wireless network. How can I make sure that nobody can secretly access my computers through a wireless connection?' Read on for my answer and advice... |
Checklist: Is Your Wireless Network Safe?
The purposes of wireless security is to keep unauthorized parties from using the wireless Internet access that you pay for, and to keep unauthorized parties from accessing the computers on your wireless network. For home and small business wireless network operators, "unauthorized parties" are usually not mastermind cybercriminals but casual freeloaders.
Your wireless network's range is a few hundred yards, at most. That means the people most likely to "hack" into your WiFi network are your neighbors and transient passersby. But you don't want to leave your wifi signal unprotected, or you could be accused of a digital crime you didn't commit.
Fortunately, it does not take much to deter wifi gate-crashers. A few easy, free tweaks to your WiFi router's settings are enough.
- Change your wireless router's default username and password. The default login credentials for most WiFi routers are well known to hackers, and gaining access to the router enables them to do anything they wish. Note that this is NOT the same as the password one must enter to connect to a wifi network. You'll need to login to your router to change the login credentials. Your Internet provider can help you if you're not sure how to login.
- Lock down your wifi with a password. Enable user authentication so that only persons who have a secret password can connect to your WiFi network. Authentication relies on encrypting the wireless signal so that only those who have the password can decrypt and use it. Several kinds of encryption are built into most routers.
- Choose a really good password. Make your wifi passwords long or random so that they are difficult to guess or hit upon with "brute force" password-cracking software. A strong authentication key is at least 12 characters long and includes a random mixture of upper- and lower-case letters, digits, and special characters such as the underscore. Most devices will remember an authentication key, so the user only has to type it once.
- Change the wifi password occasionally. If any user no longer needs access, i.e., if you fire an employee or throw your brother-in-law out of your house, changing the wifi password will block them from your wireless network.
- Create a guest wifi account. This allows visitors to access the internet, but blocks them from shared folders, printers, or other devices on your network that should not be public.
- Don't advertise yourself. Set your router to not broadcast its SSID - the network name that identifies your wireless network, i.e., "Linksys", "SmithFamily" or "123Main". Then your network won't show up in the list of "available networks" that casual freeloaders browse to find open wifi networks. Some people think it's fun to change their SSID to "FBI Surveillance Van" or "Network Not Found" but that doesn't make them any more secure.
- Use MAC address filtering. MAC addresses can be used to allow and disallow specific devices (computers, tablets, smartphones) on your wireless network. A MAC address (which has nothing to do with Apple Macs) is a unique string of hexadecimal numbers embedded into almost every digital device, akin to a Social Security Number. A router can be configured to allow only devices from a list of specific MAC addresses on a network, or to block specific MAC addresses and allow all others. The downside is that you have to maintain a list of allowed MAC addresses.
To modify any of these wifi security settings, you first have to login to the wireless router. Most commonly, you can enter http://192.168.0.1 or http://192.168.1.1 in your web browser to connect to the router. If you don't get a login prompt, enter the ipconfig command at a Windows command prompt. Look for the "Default Gateway" line, and you'll find the router address there. On a Mac, click the Apple, then System Preferences / Network / Ethernet /Advanced / TCP/IP tab, and the router address is displayed.
Unfortunately, I can't give specific instructions for changing the security settings, because there are so many types of routers, and the interface for each is different. A bit of Googling or help from your Internet provider should help you find the right place to make each change to the wireless security settings.
None of these techniques are fool-proof, but taken together they will add layers of security to your wifi network. These steps will also keep you safe from neighbors who might want to "borrow" your Internet access, or hackers looking to take advantage of soft targets.
Do you have something to say about wireless network security? Post your comment or question below...
This article was posted by Bob Rankin on 18 Feb 2020
| For Fun: Buy Bob a Snickers. |
 |
Prev Article: How NOT to Get Scammed on Craigslist |
The Top Twenty |
Next Article: Geekly Update - 19 February 2020 |
 |
Post your Comments, Questions or Suggestions
|
Free Tech Support -- Ask Bob Rankin Subscribe to AskBobRankin Updates: Free Newsletter Copyright © 2005 - Bob Rankin - All Rights Reserved About Us Privacy Policy RSS/XML |
Article information: AskBobRankin -- Here's Your Wireless Network Security Checklist (Posted: 18 Feb 2020)
Source: https://rankinfile.com/heres_your_wireless_network_security_checklist.html
Copyright © 2005 - Bob Rankin - All Rights Reserved
Most recent comments on "Here's Your Wireless Network Security Checklist"
Posted by:
Renaud Olgiati
18 Feb 2020
Another way to make your WiFi more secure is to disable DHCP, and rely on fixed IP addresses for both the WiFi hub and all the apparatus that will connect to it.
Posted by:
John T.
18 Feb 2020
Thanks Bob! Via my ISP I only have a modem. I purchased and maintain my own WIFI router. As many of my component that I can are direct connected. Phones/Tablets and my Rokus are via WIFI. I did change my password to a 12 digit or longer one! As well, I use a guest access with its own password that I only share with a select few.
Posted by:
Len Barrows
18 Feb 2020
Bill Burr's password advice has been updated, see: https://www.bbc.co.uk/news/technology-40875534
Posted by:
Paul S
18 Feb 2020
Be careful with restricting all users to MAC address screening. If you don't allow WiFi access to your router admin functions you will be locked out if your computer that you usually use to connect to the router is bricked. Of course a router factory reset can fix that and some routers allow you to save a copy of your settings.
Posted by:
hifi5000
18 Feb 2020
Good advice today from Bob Rankin's checklist.I use my wi-fi mostly for internet radio,so I will turn the access off when there is no use.All of my machines use wired ethernet as the connections are more secure and I don't have to worry about wireless interruptions.
Posted by:
Gary
18 Feb 2020
My brother had a good SSID Name...”Virus4U”, keeps them all away 👍🏻
Posted by:
Ol'PB
18 Feb 2020
I used to use MAC address filtering, but have given up on it as it's too much hassle for me. I have 4 devices that connect to the network (PC, printer, tablet, & phone); add in the wife and 2 children all with multiple devices and games consoles, and it became more trouble that I thought it was worth.
Posted by:
Paul
19 Feb 2020
I've never bothered with MAC filtering of SSID broadcast disabling:
https://www.pcworld.com/article/2052158/5-wi-fi-security-myths-you-must-abandon-now.html