In the home router we often don’t change the default settings, such as the password or the SSID, yet they are fundamental operations for security
When we buy a new router for the home Wi-Fi connection we worry, first of all, about its installation and configuration, so that we can start surfing as soon as possible. However, we don’t always take care of securing it, making one of the biggest mistakes we can make.
It is, in fact, a fundamental step in securing our devices and the data they contain. The router is not only our “gateway” to the Internet, but it can also be exploited by various cybercriminals to access our home network and spy on our devices (not only laptops, but also smartphones and tablets). All this despite the fact that securing your Wi-Fi router is not too complicated and, in the worst cases, takes a few tens of minutes. Just know a few tricks and follow some tips to “double-lock” your home wireless network and surf safely.
Change Home Wi-Fi Network Name (SSID)
While it may sound like a science fiction/conspiracy scenario, many cyber criminals “study” the names of Wi-Fi networks to find out whether or not the owners have tried to customize the router’s settings in an attempt to improve security. The name of the Wi-Fi network (Service Set Identifier or SSID in technical jargon), in fact, uniquely identifies the router within the assembly line of the various manufacturers: leaving it unchanged is a sort of warning that you haven’t had time to change the router’s security settings.
Changing the name of the Wi-Fi connection, fortunately, doesn’t take much time. First of all you need to find out the IP address of your router (usually 192.168.1.1 or 192.168.0.1, but not necessarily) and enter it in the URL bar of the web browser you usually use. After entering the credentials you will have access to the management panel of the home router: among the various items in the menu we should look for the one related to the Wi-Fi connection. Here we will find the SSID field: just enter a new name and that’s it.
When choosing the name of the Wi-Fi, however, it is useful to follow some “rules” that help to further improve the security of the wireless network. This will allow us to access the router’s settings. First of all, we do not use names related to our person, such as our home address, our year of birth or our last name. These are all data that the hacker could use to discover other passwords related to our devices or in a social engineering or phishing attack. Obviously for the same reason we don’t use as a name a code that we already use as another password on another service. We use a combination of letters and numbers until we reach the maximum allowed length. Moreover, it is advisable to carry out this operation once every two, maximum three months.
Change username and password of the router
Another weak point of the home Wi-Fi network is represented by the access credentials to the control panel and management of the router. To facilitate the first access of the users, almost to “invite” them to modify the default settings of the device, the username and password set by the manufacturer are very simple (usually the combination admin/password or admin/admin). An invitation, as we have seen, that remains unheeded in most of the occasions. Almost always, even, you avoid to change the access credentials to the control panel: a sort of capital sin for the security of the home network.
If a hacker were to succeed in connecting to your Wi-Fi (but the speech also applies to your friend particularly joker) could change username and password and prevent you from continuing to access the router. This could have several consequences: the hacker, for example, could also change your Wi-Fi password and prevent you from surfing with laptops and smartphones. Or even take advantage of it to study your data flow and online habits.
Changing your router username and password doesn’t take much time. After logging in to the control panel, look for the section dedicated to user management or maintenance or administration and locate the fields that interest you. Then you will be able to choose a new user name and a more secure password than the one chosen by default by the manufacturer of the device.
Make sure that the control panel of the router is not accessible from the Internet
To further increase the security level of your home network it is good to make sure that the router is not accessible from the Internet. That is, that the remote management of the router is not active. This setting, in fact, allows you to access and manage your router even hundreds of kilometers away, without the need to be physically connected to the network (either Wi-Fi or cable) created and managed by the router itself. This is a setting usually disabled, but it is always better to check and be sure that it is actually so.
After accessing the control panel of the router (read the previous paragraphs in case you do not know how to do it) you need to browse through the menu items looking for the Advanced section: here, most likely, you will find the item that allows you to enable and disable the remote management of the router. Once you’ve found what you’re looking for, make sure that the function is deactivated: in this way you’ll prevent a particularly “strong-willed” hacker from accessing your network even if he’s on the other side of the world.
In the same way, it’s a good idea to check that the DMZ (short for Demilitarized Zone) feature is deactivated. This function, in fact, allows you to remotely access the router with ease: usually its “switch” is located within the section Advanced; just turn it off to sleep easier.
Check the cryptographic protocol used by the router
To connect to the Wi-Fi network is good practice to activate the password authentication: in this way only users who know the access key will be able to connect to our network and have free access to the router (as well as Internet connectivity, of course). Equally important, however, is to check what encryption protocol is used by the router: this will allow you to surf the web safely, without the fear of a hacker ready to launch a man in the middle attack.
To check this setting you will have to access the control panel of the router again, look for the Wi-Fi section (or Wireless, in some cases) and browse through the various preferences already saved. Make sure that the item Security is set to WPA2-PSK (stands for Wireless Protected Access): this is the most advanced encryption protocol currently available on routers of all manufacturers and brands. If this is not the case, set WPA2 as the default protocol and, while you’re at it, change the Wi-Fi password as well: the security of your network will benefit even more.