How to better secure your home WiFi

I wrote an article previously on how to check who is using your WiFi network. For those who missed it, the article is about using a tool called Wireless Network Watcher to check who is in your wireless network.

There is a lot of reason why you want to secure your wireless network

1. Save guard your data from being sniffed out by malicious parties.

2. Prevent bandwidth stealing

3. Prevent your network from being hijacked and used as proxy for hackers or any malicious activities.

So, how do I protect my WiFi from unauthorized access?

There are a plenty of ways to harden the security of your wireless network. Most of them are easy to setup, while some need a little bit of configuration on your wireless router. There are so many routers out there and we can’t possibly provide the details setting of each. Instead, we will share with you the general idea of the configurations.

1. Change SSID Name

To make it easy to deploy, manufacturer will ship your router preconfigured with the default SSID name and password. If I see a wireless network with a default SSID name, it makes me think that most probably the password will be the default password as well. I can just look it up on the internet and there is a high chance that I can get access to your network.

2. Hide Your SSID

One neat trick is to hide your SSID. When you hide your SSID, you will need to manually add your SSID network to your device in order to get connected to it instead of the standard SSID broadcast which can be picked up by everyone.

3. Change Default Password

Most WiFi password is preconfigured by the manufacturer so that when you connect to your network, you can easily connect to it. Most people tend to overlook this. If you google default password for your router, you will get hundreds if not thousands of results related to your search.

4. Use WPA2 Encryptions

There are 4 main type of encryptions for Wifi; Open (no encryptions), WEP, WPA & WPA2. Always use WPA2. If you are using Open or WEP, the chances that your wireless network being breached are high since the encryption is weak. WPA with TKIP is actually an interim encryption method used for securing WiFi when WiFi security was still evolving several years ago. WPA2 is the upgrade version of WPA and you should use this at all time.

5. Connected Device List

Most commercial routers will have a web interface for management and from here you can see list of connected device. You can also use the tool, Wireless Network Watcher to check who is in your network. It’s a good idea to check this once in a while, so you know who might be siphon out your bandwidth from you

6. Enable MAC Address Filtering

MAC address filtering allows you to whitelist your known devices so that only these devices can connect to your router. When an unknown device is trying to connect the router even if they have the password, the router will automatically drop their session making them unable to connect to the network. Most router web interface need you to manually enter the MAC address which you can grab them from the list of connected devices or manually from the device. I have also written ways to get the MAC address of common device in the previous article, Use this tool to check who is using your WiFi .

7. Disabled WPS if Not in Use

WPS makes it easy for a new device to connect to a wireless network without having to enter long key passphrase. Device such as your XBOX or Sony Playstation or even your SmartTV will pretty much benefit from it. I don’t really use it since I prefer to type the long passphrase and I found it to be inconsistent across device. There are several security paper published on the vulnerability of WPS which comes to my recommendation which is if you have a device that easily key in your passphrase, use it instead of WPS.

Here are 7 things you can do to secure your wireless network. It work individually but it works effectively in combinations of more than 2 methods. Good luck!