Having an open wireless network can be a security risk as it may allow anyone who is close enough to your router (e.g. a neighbor or someone war driving) access to your network. To make your home wireless network more secure consider the below suggestions.
All of the below steps will require access to the router setup, and we also recommend configuring wireless security over a computer with a wired connection to the router if possible. If you do not know how to access the router setup, read document HERE.
Close the network
If you have never been prompted for a key, password, or passphrase when connecting to your wireless network it is an open network, meaning anyone close enough to your router could connect to it and browse your network. To enable security, open your router setup screen and look for a Wireless Security section. In the picture below, is an example of a Linksys router setup in the Wireless and Wireless Security section.
Select the wireless security method of either WEP or WPA (we suggest WPA as mentioned later) and enter the passphrase to generate the keys. After enabling security on the router, any wireless device that wants to connect will need to have a key in order to connect to your network.
Change default password
Make sure the router password is not still set to the default password. If the password is easily guessed this could give someone access to the router setup, which could allow them to change your router settings, including viewing any security keys.
If available use WPA, not WEP
Many routers today will offer two different types of security: WEP and WPA. We recommend WPA security, since it is more secure than WEP. However, for compatibility with some older devices such as gaming consoles, TiVo, and other network devices may only be able to use WEP, and WEP is better than no security.
Disable remote administration
When enabled, remote administration allows anyone close enough to your router to view or change your router settings. If you never plan on remotely administrating your network, e.g. wireless connecting to the router, we recommend disabling remote administration. With routers that support this option, it is often disabled through the Administration section.
After disabled, the router settings can still be changed using any computer connected to the router using a network cable.
Change the default SSID name
The SSID is the name that identifies your wireless router. By default, many routers will use the name of the router as the default SSID, for example, Linksys routers will often use 'Linksys' as the SSID. This is a security risk since it identifies the brand of the router and would let any attacker immediately know what exploits to use.
When naming the router do not use your family or any other identifiable information. For example, if the SSID contains your families last name it can quickly identify by any neighbor.
Enable router firewall
Many routers will also have their own firewall that can be enabled. If available, we also suggest enabling this feature as it will help add an extra layer of security for your network.
Disable SSID broadcast
To help make finding your wireless network easier wireless routers broadcast your SSID, which means anyone looking for a wireless router could see your SSID. To help make it more difficult for someone to find your network when browsing for a wireless network you can disable the SSID broadcast feature. However, when disabling the SSID broadcast it will require that you manually enter your unique SSID when wanting to connect any new device to your network.
Enable wireless MAC filter
The Wireless MAC filter feature will only allow a wireless device to connect to your router if the MAC Address has been entered into the filter list. This can make connecting new devices to your network more difficult, however, will also greatly improve the overall security of your wireless network.
A quick and easy to set this up is to connect any wireless device you want on your network to your router before enabling wireless MAC filter. After each device has successfully connected, open the DHCP client table, often found in the Status or Local Network section. Each device that has connected to your router thus far will display the MAC Address, which can be copied into a notepad and pasted into the Wireless MAC filter section of the router Security section.
All of the below steps will require access to the router setup, and we also recommend configuring wireless security over a computer with a wired connection to the router if possible. If you do not know how to access the router setup, read document HERE.
Close the network
If you have never been prompted for a key, password, or passphrase when connecting to your wireless network it is an open network, meaning anyone close enough to your router could connect to it and browse your network. To enable security, open your router setup screen and look for a Wireless Security section. In the picture below, is an example of a Linksys router setup in the Wireless and Wireless Security section.
Select the wireless security method of either WEP or WPA (we suggest WPA as mentioned later) and enter the passphrase to generate the keys. After enabling security on the router, any wireless device that wants to connect will need to have a key in order to connect to your network.
Change default password
Make sure the router password is not still set to the default password. If the password is easily guessed this could give someone access to the router setup, which could allow them to change your router settings, including viewing any security keys.
If available use WPA, not WEP
Many routers today will offer two different types of security: WEP and WPA. We recommend WPA security, since it is more secure than WEP. However, for compatibility with some older devices such as gaming consoles, TiVo, and other network devices may only be able to use WEP, and WEP is better than no security.
Disable remote administration
When enabled, remote administration allows anyone close enough to your router to view or change your router settings. If you never plan on remotely administrating your network, e.g. wireless connecting to the router, we recommend disabling remote administration. With routers that support this option, it is often disabled through the Administration section.
After disabled, the router settings can still be changed using any computer connected to the router using a network cable.
Change the default SSID name
The SSID is the name that identifies your wireless router. By default, many routers will use the name of the router as the default SSID, for example, Linksys routers will often use 'Linksys' as the SSID. This is a security risk since it identifies the brand of the router and would let any attacker immediately know what exploits to use.
When naming the router do not use your family or any other identifiable information. For example, if the SSID contains your families last name it can quickly identify by any neighbor.
Enable router firewall
Many routers will also have their own firewall that can be enabled. If available, we also suggest enabling this feature as it will help add an extra layer of security for your network.
Disable SSID broadcast
To help make finding your wireless network easier wireless routers broadcast your SSID, which means anyone looking for a wireless router could see your SSID. To help make it more difficult for someone to find your network when browsing for a wireless network you can disable the SSID broadcast feature. However, when disabling the SSID broadcast it will require that you manually enter your unique SSID when wanting to connect any new device to your network.
Enable wireless MAC filter
The Wireless MAC filter feature will only allow a wireless device to connect to your router if the MAC Address has been entered into the filter list. This can make connecting new devices to your network more difficult, however, will also greatly improve the overall security of your wireless network.
A quick and easy to set this up is to connect any wireless device you want on your network to your router before enabling wireless MAC filter. After each device has successfully connected, open the DHCP client table, often found in the Status or Local Network section. Each device that has connected to your router thus far will display the MAC Address, which can be copied into a notepad and pasted into the Wireless MAC filter section of the router Security section.