Having an open wireless network can be a security risk as it may allow anyone who is close enough to your router (e.g. a neighbor or someone war driving) to access your network. With more and more devices connected to the internal network of your home, this is becoming a big security issue.
To make your home wireless network more secure, consider the below suggestions.
Tip: All of the steps below will require access to the router setup, and we also recommend configuring wireless security over a computer with a wired connection to the router if possible. Because all routers are different we cannot provide specific steps for every router. Check your router’s documentation for exact instructions.
Wireless Security on router setup
If you have never been prompted for a key, password, or passphrase when connecting to your wireless network, it is an unsecured network. In other words, if anyone is close enough to your router, they could connect to your network. To enable security, open your router setup screen and look for a Wireless Security section.
Select the wireless security method of either WEP, WPA, or WPA2 (we suggest WPA or WPA2, which is mentioned further down on this page) and enter a passphrase to generate the keys. After enabling security on the router, any wireless device that wants to connect to the router must have the key to connect to your network.
Change the default password
Make sure the router password is not using the default password. If the default password is being used, it can be easily guessed and give someone access to your router. With access to the router setup, a person could change your router settings, including viewing and changing any security keys.
Use at least WPA encryption
Many routers today will offer two or three different security schemes: WEP, WPA, and WPA2. We recommend WPA or WPA2 security since it is more secure than WEP. However, for compatibility with some older devices, such as gaming consoles, TiVo, and other network devices, WEP may be the only security option possible to use. Using WEP is still better than no security at all.
Disable remote administration
When enabled, remote administration allows anyone close enough to your router to view or change your router settings. If you never plan on remotely administrating your network, e.g. wirelessly connecting to the router, we recommend disabling remote administration. With routers that support this option, it is often disabled through the Administration section.
When disabled, the router settings can still be changed using any computer that is directly connected to the router using a network cable.
Change the default SSID
The SSID is the name that identifies your wireless router. By default, many routers will use the name of the router as the default SSID. For example, Linksys routers use ‘Linksys’ as the SSID. Using a default SSID is a security risk since it identifies the brand of the router and would let any attacker immediately know what exploits to use.
Enable the router firewall
Many routers also have a firewall that can be enabled. If available, we also suggest enabling this feature, as it helps add an extra layer of security to your network.
Disable SSID Broadcast
To help make finding your wireless network easier, wireless routers broadcast your SSID, which means anyone looking for a wireless router could see your SSID. To help make it more difficult for someone to find your network when browsing for a wireless network, you can disable the SSID broadcast feature. However, when disabling the SSID broadcast, it will require that you manually enter your router’s unique SSID when wanting to connect any new device to your network. This will take a little more effort to get connected but it is more secure.
Enable MAC Filter
The Wireless MAC filter feature only allows a wireless device to connect to your router if the MAC Address has been entered into the filter list. Doing MAC filtering can make connecting new devices to your network more difficult, but improves the overall security of your wireless network.