Securing Your Wireless Network
A short guide to securing your wireless network.
By Michael Lang on February 27, 2014
If you're like many, you probably have a wireless (Wi-Fi) network in your home. Whether your ISP installed a DSL or cable modem with wireless capabilities or you bought a wireless router yourself and set it up, the chances are, its not completely secure to you and your family.
While Wi-Fi networks provide many benefits, an unprotected network can result in unauthorized use and potential harm unless certain steps are taken. In some cases, unauthorized users may be able to access your private information, view the content of transmissions, download unlawful content using your network or infect computers with viruses or spyware. Unauthorized users may potentially cause harm beyond your computer or network by pirating music and movies, sending spam, spreading spyware or viruses to others. These malicious activities can be traced back to your network.
How to Secure a Wireless Network
The following tips will help you secure a Wi-Fi network against unauthorized access. These are general steps to take, so please consult the owner’s manual that came with your wireless router for specific step-by-step instructions. Manuals are often available on the manufacturer’s website. You will find several helpful links at the bottom of this page for product manuals from some of the most popular manufacturers.
1. Turn Encryption On
Turning on your wireless router’s encryption setting can go a long way toward securing your network. If you do nothing else, this is the one single step you can take that will have the most impact on securing your wireless network. Wireless routers often come out of the box with the encryption feature disabled. The first thing you should do every time you install a new wireless router is check that encryption is turned on. There are different types of encryption, but “WPA2” currently is the most effective standard and should be your go-to choice. To turn on encryption, you will need to pick a wireless network password. Longer passwords that utilize a combination of letters, numbers and symbols are more secure.
2. Turn the Firewall On
A “firewall” is designed to protect computers from harmful intrusions and can be hardware-based or software-based. Wireless routers generally contain built-in firewalls, but are sometimes shipped with the firewall turned off. Turning on your firewall prevents uninvited incoming malicious traffic from scanning your entire network.
3. Change Default Passwords
Most wireless routers come with preset passwords for administering the devices settings (this is different from the password used to access the wireless network itself). These passwords are documented in the manufacturer's manuals, so are well-known to would-be hackers. So it is important to change the router device’s password as soon as it is installed to keep an unwanted intruder from wrecking havoc on your wireless network. Again, longer passwords made up of a combination of letters, numbers and symbols are more secure.
4. Change the Default Name of the Network
A network’s name is known as its “SSID” (service set identifier). When a computer with a wireless connection searches for and displays the wireless networks nearby, it lists each network that publicly broadcasts its SSID. Manufacturers usually give all of their wireless routers a default SSID, which is often the company’s name. It is a good practice to change your network’s SSID, but to protect your privacy do not use personal information such as the names of family members.
5. Turn Network Name Broadcasting Off
Wireless routers may broadcast the name of the network (the “SSID”) to the general public. This feature is often useful for businesses, libraries, hotels and restaurants that want to offer wireless Internet access to customers, but it is usually unnecessary for a private wireless network. It is recommended that owners of home Wi-Fi networks turn this feature off. When you turn off SSID broadcasting, you'll need to remember your SSID when connecting your own computers to the wireless network, often performing a couple additional steps to bring up a dialog that lets you type the SSID in and then your wireless password. A little bit of an extra hassle for you, but it helps prevent the so-called "drive by hackers" from discovering your network as a potential target.
6. Use the MAC Address Filter
Every device that can connect to a Wi-Fi network has a unique ID called the “physical address” or “MAC” (Media Access Control) address. Wireless routers can screen the MAC addresses of all devices that connect to them, and users can set their wireless network to accept connections only from devices with MAC addresses that the router is set to recognize. This is one of the more burdensome steps you can take as you have to know how to look up the MAC address of each device and the identification steps vary greatly from operating system to device, so this step is generally only recommended to the more technically savvy. However, this step will indeed lockdown your wireless network to only the very specific devices you have identified as belonging on your wireless network.
Additional Wi-Fi Safety Tips
- Turn off your Wi-Fi network when it will not be in use for extended periods of time
- Use anti-virus and anti-spyware software on the computers that access your wireless network
- Never assume that public wireless networks are secure -- do not do your online banking at public wi-fi hotspots
Links to Additional Wi-Fi Security Resources
Operation manuals for many wireless routers may be found at the manufacturers’ websites. Here are links for several manufacturers:
Apple Airport: support.apple.com/manuals/#airport
Buffalo Inc.: www.buffalotech.com/support/