Many families use their Wi-Fi networks at home in the fast-boiling process to get their Internet connection up and running as fast as possible. That's understandable, of course. But: It's also very risky because it can result in a lot of security issues. And today's WLAN network products do the rest, because the configuration of their security features can be quite time-consuming and difficult and thus be skipped.
We've put together 10's most important tips for you to improve the security of your WLAN at home. Even if you only follow a few of them, that already helps!
1. Change the default administrator passwords (and usernames)
At the heart of most home Wi-Fi networks is a broadband router or wireless access point. These devices have a built-in web server and web pages that allow the owner to enter their network address and account information.
These web tools are protected by login screens that require a username and password so that only authorized persons can make administrative changes to the network. But these default logins of the router producers are very simple and well known to hackers on the internet. That's why you should change these settings immediately.
2. Enable wireless network encryption
All WLAN devices support a form of encryption. Such encryption technology hacks messages sent over wireless networks so they are not easily read by others. Today, there are already a variety of encryption technologies, such as WPA and WPA2.
Of course you want the best form of encryption for your network. These technologies work so that all Wi-Fi devices in a network share the same encryption settings.
3. Change the default SSID
Access points and routers use a network name called Service Set Identifier (SSID). Manufacturers usually ship their products with a preset SSID. For example, the network name for Linksys devices is usually "linksys" - not extremely creative.
Knowing the SSID doesn't necessarily mean your neighbors can automatically break into your network - but it is a start. Far more important is the fact that a preset SSID indicates a poorly configured network that is almost calling for an attack ... Therefore: Change the preset SSID immediately when you configure the wireless security on your network.
4. Activate the MAC address filter
Each WLAN device has a unique identifier called the physical address or Media Access Control (MAC) address. Access points and routers track the MAC addresses of all devices connected to them. Many of these products offer the owner an option to enter the MAC addresses of their devices, forcing the network to allow only connections from these devices. This provides a new level of home network protection, but the feature is not quite as powerful as it seems. Hackers and their software programs can easily spoof MAC addresses.
5. Disable the SSID transmission
In wireless networks, the router typically transmits the network name (SSID) at certain intervals. This feature was created for businesses and mobile hotspots where Wi-Fi customers can log on and off. However, it is not necessary in a home, nor does it increase the likelihood that someone will attempt to log in to the home network. Fortunately, most wireless routers allow the network administrator to disable SSID transmission.
6. Stop auto-connecting to public Wi-Fi networks
Connecting to a public network, such as a wireless hotspot or your neighbor's router, exposes your computer to security risks. Normally, although most computers are not activated, they have a setting that allows them to connect automatically, without informing the user. This setting should not be activated except for occasional situations.
7. Position your router or access point strategically
Wi-Fi signals usually reach into the exterior of a home or apartment. A small signal loss outside is not a problem, but the further this signal spreads, the easier it is to find and exploit others. For example, Wi-Fi signals often range from neighboring homes to out-doors.
When you install a wireless home network, the location and physical orientation of the access point or router determine its range. Try to position these devices in the center of your home rather than near a window to minimize losses.
8. Use firewalls and security software
Modern network routers include built-in network firewalls, but you can disable them as well. So make sure your router's firewall is turned on. For further protection, consider installing and running additional security software on each device connected to the router. Too many layers of security applications are overkill. An unprotected device (especially a mobile one) with critical data is worse.
9. Give your devices static IP addresses
Most home network administrators use Dynamic Host Configuration Protocol (DHCP) to assign IP addresses to their devices. The DHCP technology is really easy to set up. Unfortunately, their simplicity also benefits network attackers who can easily extract valid IP addresses from the DHCP pool of a network.
Turn off DHCP on your router or access point, and instead set up a private IP address range, then configure each connected device with an address from it.
10. Turn off the network if it is not used for a long time
The most important protection measure for wireless networks is obvious: A switched off network keeps hackers out safely. Of course it is not practical to turn the devices on and off permanently. But when you go on vacation, you should seriously consider switching off your network.
If you own a wireless router, but only use it for (wired) Ethernet connections, you can sometimes turn off your WLAN on a broadband router without having to shut down the entire network.
Does not sound so difficult, right? Take your time and follow these 10 tips (or at least a few of them) to make your home network more secure!