Tuning your home Wi-Fi router for cybersecurity

This article is intended for non-technical people concerned about the security of their home Wi-Fi. If it’s your first time setting up your Wi-Fi manually, welcome.

Before we talk about your Wi-Fi router, we need to determine a few things and explain a little. The internet signal comes to your house either through the phone line or the cable company. When it’s travelling over the phone line or cable, it’s not an internet signal. There’s a box that your internet service provider installed that converts that signal into a proper internet signal. That box is called a modem.

In order for every device in your home to access the internet, the internet from the modem has to connect to another device called a router which will route that one internet signal to every device to your home either with a physical cable or over Wi-Fi. It will connect with a cable that should look familiar to you with a plug at the end that looks like a phone cord, but wider. For almost every router for home use, it also handles the Wi-Fi access so it can also be called the Wi-Fi access point when talking about its Wi-Fi.

Some internet providers only provide the modem, and you have to buy your own router/Wi-Fi point. You’ll have two boxes connected by only one internet cable. Other internet providers include the modem/router/Wi-Fi point all in one box. You’ll only have one box.

So, if you only have one box, we know that it’s also the router/Wi-Fi access point. If you have two boxes, it’s the second one NOT attached to the the cable/phone line.

Now, we need to get access to the administration page of the router/Wi-Fi access point. That information is printed on the outside of every router, but in very tiny print. I included pictures as Figures 1 and 2 below to show you how the information can be presented. Since the print is incredibly small, I also show an enlarged portion of the information that we’re looking for. Pro tip: Take a picture of it with your phone and then enlarge it to make it visible.

Figure 1, Netgear Home Router Label Information.

 

Figure 2, D-Link Home Router Label Information.

 

From any computer connected to the router, simply type in the given internet address into a browser where you would normally type google.com or amazon.com, and you should be prompted for a user account name and a password. Figures 3 show typical router administration page addresses. Notice that there are the default username and password are also printed on the outside of the router.

 

Figure 3, Typical Router Administration Addresses.

 

Hopefully, the username and password were changed when the router was originally setup and you aren’t using the defaults. If you don’t know the username and password, try the defaults just in case. If those don’t work, then it should be in paperwork somewhere, either from your internet service provider or with the manual from the router when it was first installed.

If you can’t get a username and password to the administration page of the router, then have to reset your router to factory defaults. On home routers, there is a recessed button that can only be pressed by the end of a paperclip. It should be clearly marked reset. Pressing this button for 10 seconds or 3 times quickly while the router is plugged in should reset the router to the factory default condition. The lights on the router will change, and you may need to wait a few minutes until the lights return to normal operation. If you only have one box and it was supplied by your internet service provider, you may also need to call them to reset the router. The reset not only resets the administration page username and password but also your Wi-Fi signal’s name and password.

Once you’ve entered the right account name and password, you should be presented with what looks like a website, but it is actually the interface for you to change settings on your router. Figure 4 is typical.

Figure 4, Typical Router Administration Page.

 

If you’re using the default password to access the router, that’s the first thing you want to change. On the system I’m using here in Figure 5, I had to access the “Advanced” tab which shows an Administration dropdown menu. Please record safely the new password for accessing the router administration page.

Figure 5, Changing the Administration Password.

 

If you’re using the default Wi-Fi name and password, you’ll want to change that next. You should generally not make your Wi-Fi name directly related to your street address or personal name. Google funny Wi-Fi names if you want to be humorous with it. The Wi-Fi password needs to be changed because there are public lists of default Wi-Fi passwords available which makes it easy for people to try everyone until they find the right one. The password should be complex, but you’re limited to 8 characters. Also, some old Wi-Fi enabled devices don’t allow for special characters so I’d suggest staying to upper case, lower case, and numbers.

You’re likely going to notice that most routers have a 2.4GHz and a 5.0GHz Wi-Fi network. To not get lost into technical detail, I am just going to say to put in the same Wi-Fi name for 5.0GHz with a “5” at the end of it and use the same password. Then when you are connecting to the network, you can choose the “5” network or the regular network.

Next, you should look for the ability to enable a guest network. It will have it’s own Wi-Fi name and password. Make this password different from the others as you will be telling this password to friends and guests. If you see it, make sure that Enable Wireless Isolation is enabled. I show an example of the settings in Figure 6.

 

Figure 6, Guest Network Setup.

 

Now, you can choose the logout button, or just close the browser.

If you’ve changed the name of your Wi-Fi or password, you will now need to update that information on every device that connects over Wi-Fi. Remember that only devices that need to talk to each other like a shared printer and other computers should be connected to the main Wi-Fi. All other devices should be connected to the guest network.

Some researchers have found that as many 80% of home routers have the default administration password. This is bad because it can allow an attacker to be able to open up your network to the internet, and even use your router itself for illegal activity.

Changing your Wi-Fi password stops anyone close enough to get a Wi-Fi signal from using your internet service whether just for stealing access of illegal activities that could be traced back to you.

Using the guest network greatly increases your security as well because cheap internet connected devices are notorious for bad security and can sometimes be quite easy to access and use by attackers. Keeping them isolated prevents attackers from then moving on to other high value targets like your computer on which you do online banking.

If you’ve successfully setup your home router, congratulations. You’re not only more secure, but may be becoming a “techie.”

Share this