It’s okay to want to feel safe. A good start at making your wireless home network more secure is to create layers of security. By creating several obstacles to deter hackers and other unauthorized users, your network will be less vulnerable to malicious attacks and network “poaching”. To begin protecting your wireless network, follow these easy steps.
- Step 1 - Change and Hide Your Network SSID
Wireless routers come preconfigured with a SSID from the manufacturer. This is typically an easy-to-guess name such as “default”, “linksys”, “netgear” or “wireless”. The first layer of security for your home network includes changing your SSID from the manufacturer default name and hiding it from public view. While this step alone is not sufficient to deter experienced hackers, it will keep novice poachers away. If you need help determining which SSID is associated with your network, please read this article first.
Change Your SSID
When considering a new SSID for your network, be careful to select a name that is hard for outsiders to guess. Don’t use your name, address, birthday or other personally identifiable information. Your SSID should contain both numbers and letters (case sensitive) and should be as long as the maximum length allowed (32 alphanumeric characters). You can find specific instructions for changing the SSID on your wireless router in the User Guide or on the manufacturer’s website. You may also follow the general instructions below to change your SSID:
- Open a web browser
- In the address bar, enter http://192.168.1.1 or the default router address.
- Enter your login and password. If you have not made any modifications to your router, the login is likely “admin” and the password is likely “password”. (Instructions for creating a more secure login and password are provided in the next Security Layer)
- Once you have logged into the router, navigate to the wireless settings page, section or tab
- In the SSID field, enter the new SSID you have chosen for your wireless network
- Save your settings
Hide Your SSID
Once you have given your network a new SSID, proceed to hiding it from public view. The steps required to hide your SSID vary by equipment manufacturer and you will find the most accurate information by consulting the User Guide for your equipment. You can also find detailed instructions online for popular brands such as Linksys/Cisco, Netgear, D-Link and Belkin.
- Step 2 - Change Your Default Administrator Password
Wireless routers and access points are typically equipped with a user-friendly web interface for convenience in enabling configuration settings. These devices are often shipped from the manufacturer with default passwords that can be easily located by searching the Web thus making access to them a cinch even for a novice user.
To maintain your wireless home network’s security, the default administrator password should be changed as soon as the wireless router or access point is installed. You should select a password that is unique and private and difficult for others to guess
To change your default administrator password, follow these steps:
- Open a web browser
- In the address bar, enter the router’s address which is typically in the form of http://192.168.x.x
- Enter the default login and password. If you have not made any modifications to your router, the login is likely “admin” and the password is likely “password”.
- Once you have logged into the router, navigate to the administrator settings page, section or tab
- In the password field, enter the new password you have chosen for your wireless router or access point
- Save your settings
- Step 3 - Enable Encryption
Virtually all wireless routers have some form of encryption built in that scrambles information sent over the network to reduce the risk that it will be intercepted and used in a malicious way. There are several forms of encryption for wireless devices and it’s important to make sure that you have a form of encryption enabled on your home network.
To achieve maximum security, you will need to choose the strongest form of encryption that is compatible with your network equipment. However, encryption technologies on all network devices must be an exact match, so you may need to find a “lowest common denominator” setting. The instructions for enabling encryption are presented below, with WPA being the strongest form of encryption and WEP being the weakest.
WPA is an acronym for WI-Fi Protected Access and you can learn more about the history and development of WPA here. To enable WPA on your wireless home network, you’ll first need to determine that all devices connected to your wireless network are WPA-capable. Because each wireless router configuration is different, please refer to the User Guide for your router, or contact the manufacturer, for specific instructions on enabling WPA encryption on your network.
WEP is an acronym for Wired Equivalent Privacy and you can learn more about the history and development of WEP here. WEP works by using special security codes called WEP keys to encode information travelling over the network. A WEP key is a series of hexadecimal digits composed of numbers 0 through 9 and letters A through F. Identical keys must be stored on the wireless router and on each device that is connected to the network. Because each wireless router configuration is different, please refer to the User Guide for your router, or contact the manufacturer, for specific instructions on creating WEP keys and enabling WEP encryption on your network.
- Step 4 - Set up MAC Filtering
Many wireless routers have the ability to grant certain pre-determined computers and equipment access to the network, while denying access to any unknown device. This feature is called MAC address filtering and is normally turned “off” by the manufacturer. To improve the security of your wireless home network, consider investing a little time to set up MAC address filtering.
To set up MAC address filtering, follow these steps:
- Determine the MAC address of each piece of equipment that will be permitted to access the network, including desktop and notebook computers, printers, set top boxes, game consoles and other wireless devices. Each device should have a label on the casing that displays the MAC address. If it does not, refer to the User Guide for that device to find out where the MAC address is listed.
- Log into your wireless router by entering http://192.168.0.1 in the address bar of your web browser.
- Navigate to the settings page or section labeled “MAC Filtering” or “Hardware Filtering”.
- Follow the prompts to enter the MAC address of each device that is permitted to connect to the network.
- Turn on the MAC Filtering feature and save the settings you just entered.
Once you have turned MAC address filtering on, the router will check the MAC address of each device that attempts to connect to the network. Devices contained in the list you entered will connect normally and devices that are not on the list will be denied access. Is is important to be aware that hackers can still “spoof” an approved MAC address and use it to access your network; so, while MAC filtering does not offer perfect protection it offers an added obstacle to deter hackers and poachers.
Also, please do not confuse MAC address filtering with content filtering. If there are certain websites you’d like to block, or if you want to establish parental controls for your wireless home network, please refer to this article.