How to Hack-Proof Your Wireless Router

Maybe not hack-proof, but at least hack-resistant

The Wireless Connection
The Wireless Connection
Introduction

There's no such thing as hack-proof or hacker-proof, just like there is nothing out there that is completely waterproof. Therefore, in this article, we'll show you how to make your wireless router as hacker-resistant as possible. Your wireless router is a prime target for hackers who want to infiltrate your network or freeload off your Wi-Fi connection. Here are some things you can do to make your wireless router harder to hack.

Enable WPA2 or WPA3 Wireless Encryption

If you aren't using a minimum of Wi-Fi Protected Access 2 (WPA2) encryption to protect your wireless network, this leaves your network wide open because hackers can virtually walk into your network.

If you use outdated Wired Equivalent Privacy (WEP) security, which can be cracked in seconds by most hackers, upgrade to WPA2 or preferably WPA3, which is backward compatible with WPA2. Older routers may need a firmware upgrade to add WPA2 or WPA3 functionality. Check your router manufacturer's manual to learn how to enable WPA2\WPA3 wireless encryption on your router.

Wireless router with padlock on top of it
GodfriedEdelman / Getty Images

Create a Strong SSID Network Name and Pre-Shared Key

You will also need to make a strong SSID (wireless network name). If you use the router's default network name (for example, Linksys, Netgear, or DLINK), then you make it easier for hackers to hack your network. Using a default SSID or a common one helps hackers crack your encryption because they can use prebuilt rainbow tables associated with common SSID names to crack your wireless encryption.

Create a lengthy and random SSID name even though it might be hard to remember. You should also use a strong password for your pre-shared key to further discourage hacking attempts.

Turn on Your Wireless Router's Firewall

If you haven't done so, enable your wireless router's built-in firewall. Enabling the firewall can make your network less visible to hackers looking for targets on the internet. Many router-based firewalls have a stealth mode that you can enable to reduce your network's visibility. Also, test your firewall to ensure that you have configured it correctly.

Use an Encrypted Personal VPN Service at the Router Level

Virtual private networks used to be a luxury that only large corporations could afford. Now you can buy a personal VPN service for a small monthly fee. A personal VPN is one of the biggest roadblocks you can throw at a hacker.

A personal VPN anonymizes your true location with a proxied IP address and puts up a wall of strong encryption to protect your network traffic. You can purchase a personal VPN service from vendors such as WiTopia, StrongVPN, and others for as little as $10 a month or less.

If your router supports personal VPN service at the router level, this is the best way to implement a personal VPN. It allows you to encrypt all traffic entering and leaving your network without the hassle of setting up VPN client software on your computers. Using a personal VPN service at the router level also takes the encryption process burden off of your client PCs and other devices. If you want to use a personal VPN at the router level, check to see if your router is VPN-capable. Many manufacturers have several models of routers with this capability.

Disable the Admin via Wireless Feature on Your Router

Another way to prevent hackers from messing with your wireless router is to disable the admin via wireless setting. When you disable the admin via wireless feature on your router, it makes it so that only someone who is physically connected to your router with an Ethernet cable can access the admin features of your wireless router. This prevents someone from driving by your house and accessing the administrative functions of your router if they compromised your Wi-Fi encryption.

Given enough time and resources, a hacker might be able to hack into your network. However, taking the steps above will make your network a harder target, hopefully frustrating hackers and causing them to move on to an easier target.