Criminals love seeking out home Wi-Fi networks. When left open, unsecured and not protected by strong passwords, strangers can attack your gadgets and steal your information. They can upload or download illegal files and they can generally do whatever criminal activity they want.
It is not just about bandwidth theft that could potentially slow your connection down. More importantly, it is also about security and making sure that no Wi-Fi thieves are using your connection for illegal activities. Remember, when law enforcement traces the illegal activity, you – the router’s owner – are left being held responsible.
Of course, your neighbors can be the nicest people in the world and you absolutely trust them dearly. But how about “wardriving” strangers who are always driving around, hunting for unprotected Wi-Fi networks they can exploit? You will definitely need to protect your home Wi-Fi against these roving opportunists.
Here are a few tips we recommend for securing your Wi-Fi router against unauthorized network hitchhikers.
Check connected gadgets
Start by taking stock of your network. First, log into your router’s administration console. Every router has the same general steps for logging in. (You’ll want to have your router’s manual on hand to find out the specifics for your router.)
Make sure your computer is connected (either wired or wirelessly) to your router, then just open a web browser and type in the router’s IP address. The IP address is a set of numbers and the default depends on your router’s manufacturer. The common ones are 192.168.1.1, 192.168.0.1 or 192.168.2.1.
(If you don’t have your manual anymore, you can check your manufacturer’s site. Or visit this site that has thousands of manuals you can download.)
Once logged in, check the DHCP Client List or Attached Devices section that shows what gadgets are connected to your router. Typically, they are listed by IP address, MAC address and/or Name.
Once you have surveyed this list of connected gadgets, identify the ones that belong to you. Your computer should show up in the list using its name, for example. Your tablet or smartphone should have the manufacturer name in there somewhere.
If you can’t make sense of the list, simply turn off each gadget one by one or just disable the gadget’s Wi-Fi to match the corresponding gadget to the specific network address detail. For tracking purposes, jot these network details down for future reference.
Once you’ve taken an inventory of your known gadgets and discover connected addresses and gadgets that are unknown, you know you have a culprit. You might need to check back a few times if the internet slowdown is random. The culprit might only be using your internet infrequently.
If you want an easier solution, you can grab the aptly named Wireless Network Watcher. This free program gives you a list of gadgets connected to your Wi-Fi network. You can quickly fire it up whenever you want to check or just leave it open for real-time monitoring.
Encrypt your connection
Even if you spot a rogue connection, however, you won’t be able to tell who is connected. Well, not unless you want to barge into your neighbors’ houses to check their gadgets’ names and MAC addresses. For the record, I don’t recommend doing that.
Fortunately, it doesn’t matter. Encrypting your Wi-Fi network will usually be enough to keep intruders out. Click here to learn how to secure your Wi-Fi against intruders.
In fact, you should secure your Wi-Fi network no matter what. Like I mentioned earlier, there are too many horror stories of criminals or perverts using someone else’s Wi-Fi in hacking attacks or trading illegal images. As the owner of the Wi-Fi, you’re going to have to straighten things out with the police, and it won’t be fun.
Routers give you several encryption choices and very little guidance as to which one is best. Well, I can tell you right away which one not to use. It’s called WEP and stands for Wireless Encryption Protocol. However, it’s so old that it offers no security whatsoever. A hacker can be through it in minutes.
If you’re setting encryption, you want to select the encryption type that starts with “WPA2.”
“WPA2-PSK AES” is the newest and most secure. If you have older Wi-Fi gadgets, you might have to select the hybrid option “WPA2-PSK AES + WPA-PSK TKIP” to get them working.
If your network is already encrypted, and an outsider still accessed it, you should change your password immediately. Then keep an eye on things to see if they manage to get on again.
Note: Is WPA2 encryption still enough to protect your Wi-Fi network? A new Wi-Fi hack called KRACK was uncovered recently. Click here to learn how to protect your network from this new attack.
If they do, it’s possible they got into your router and set up a backdoor. Reset your router to factory settings – check your manual for instructions – then set it up again from scratch. That means changing the default password, enabling encryption, picking a new SSID and turning off any remote management features.
Note: If you change your encryption password, you will need to update the password on all your gadgets.
Fence out your guest network
If you always have friends and visitors visit your home regularly and of course, they always beg you to share your main Wi-Fi network password so they can leech off it, well, please don’t. There’s a better and safer way.
Most routers have a “Guest Network” option you can turn on. This feature lets you share your internet connection with your guests while keeping them off your main network, preventing them from seeing your shared files and services.
This guest network segregation will also work for your smart appliances and it can shield your main devices from specific Internet-Of-Things attacks.
To avoid confusion with your main network, set up your guest network with a different network name (SSID) and password. Please, make sure you set up a strong and super-secure password on your guest network, as well. You still won’t want crooks and strangers mooching off it for security reasons.
One important setting to check on your guest network is its access to your local files and networks. If you turn this on, your guests will still be able to see your shared files and devices on the main network.
This sort of defeats the purpose of having a separate guest Wi-Fi network in the first place, so make sure “local access” is set to off. This way, your guests will still get internet access but they can’t see any of your files and devices.
Turn off remote administration
Some routers allow remote administration so you or tech support can log in to your router remotely to fix problems or perform other tasks. Naturally, this leaves an opening for a hacker to log in.
Unless you actually use this feature, I would just turn it off. Again, this is in your router settings, usually under the Remote Administration heading.
One mistake people make using public Wi-Fi that lets everyone see their files
The security risk of having shared files over a network goes both ways! If you’re not connected to your own secure home network, make sure you turn off this setting before connecting to public Wi-Fi.