Wi-Fi Security Tips

Published 17 July 2019

Many people don’t give much thought to the security of their Wi-Fi Networks – After all, your router is safe and sound inside your home or office, right?

Not entirely so. As with your internet accounts, there are hackers lurking around seeking vulnerable areas to take advantage of. Their goal is to use one or more nefarious techniques to either "steal" your Wi-Fi, gain access (even control) to your connected devices, or to steal valuable data. Being a victim of any one of these invasive cyber-crimes can be traumatising, and has been downright disastrous for some.

If you find that your once-great internet speeds have suddenly slowed to a snail’s pace, that your connection is often interrupted for no apparent reason, or that your data package runs out way ahead of schedule, you may already be a victim of Wi-Fi theft!

In order to secure you router, you will need to access its Admin Interface. To do so, follow these steps (may vary between models):

  • First, you need to know your router’s IP Address (an 8-10-digit number separated by points. If your router was set up with the default SSID, then this can usually be found on a sticker somewhere on the router itself. If you can’t find it, or your router was given a different SSID after set-up, you can determine its current IP address by

      1. Open the Command Prompt (Windows computers = type “cmd” in the search bar and click “Run” or hit “Enter”)

      2. In the window type “ipconfig”, followed by the Enter key. You will see your router’s IP address next to “Default Gateway”.

      3. Copy-paste this into your browser and it should take you to the admin interface. You don’t need bandwidth data to do this.

  • From there, you need to log in to the interface. Hopefully you have these login details saved somewhere. If not, there are some methods of recovering the password. If those don’t work, a factory reset will do the trick (but will also require you to set up the router from scratch).

  • Once you are logged in, look out for the following options to make sure your Wi-Fi network is as secure as possible:

The first defense against hackers is a strong password. Some people make the mistake of leaving the default password active, but this is a huge security risk. Read this article about creating a strong password.

If there are any available firmware updates, download and install these, and possibly set your router to automatically do routine updates in the future. This may activate better security settings that were previously not available on your router (See this article about router care for more info). Unfortunately, some older models are simply no longer supported. If that is the case with your's, it may be time to consider getting a newer model.

There are several security protocols out there, but which ones your router supports depends on the model. Older models using WEP or WPA are more susceptible to attacks, while your standard model today supports WPA2 and WPA3 protocols (the latter being the most secure to date), but are not yet widely used. You’ll probably find that the WPA2-PSK [AES] / Personal is your best option. Don’t opt for an Open Network - the most vulnerable option.

If available on your model, setting up one of these can be a good idea when you often have to share your Wi-Fi password with guests. A Guest Network will prevent them from gaining access to your shared files or other devices connected to the network. Just make sure to set it up with a different SSID and password to your main network to avoid confusion.

Make this a custom name, rather than leaving it as the default. Not doing so could alert hackers to the router model you are using- knowledge they can use to their advantage. You can change the SSID anytime you feel necessary, though keep in mind that you will have to reconnect all your devices afterward. If you want to avoid the possibility of being targeted by a “wardriver” (Google it), you can disable the broadcasting of your network’s SSID. Note that this will make your Wi-Fi network “invisible” to all Wi-Fi enabled devices not already connected to it. Thereafter new devices wanting to connect will need your router's SSID entered into their Wi-Fi scanner manually. The correct spelling is crucial here.

Having this turned on is yet another safety measure that you may benefit from. Not all routers have this feature built in, but many of the newer models do. Note that the labelling for this setting may be different (like NAT or SPI) from brand to brand. Also, be careful when playing around with these settings, as a wrong step could lead to security breaches. Also, some firewalls may cause issues with internet connectivity if not configured correctly.

A “Virtual Private Network”. This is optional, and enabling this hides your router’s IP address, as well as that of any devices connected to it, from all websites you visit. Again, not all routers come with this feature, thus a separate software may be needed to set this up. Read more about this here...

Not available on every model, but very important if you have children using the network without supervision. Here you can set barriers in order to protect them from potentially dangerous content, as well as schedule access times. More on this here...

If you need your router’s security to be evaluated or tightened, FLS is happy to assist!

Image of a floating FLS icon portraying a feather within a colorful circle